De-virtualize JSVariableObject::isDynamicScope
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>

        De-virtualize JSVariableObject::isDynamicScope
        https://bugs.webkit.org/show_bug.cgi?id=71933

        Reviewed by Geoffrey Garen.

        * runtime/JSActivation.cpp:
        * runtime/JSActivation.h: Inlined and de-virtualized isDynamicScope
        (JSC::JSActivation::isDynamicScope):
        * runtime/JSGlobalObject.cpp:
        * runtime/JSGlobalObject.h: Inlined and de-virtualized isDynamicScope
        (JSC::JSGlobalObject::isDynamicScope):
        * runtime/JSStaticScopeObject.cpp:
        * runtime/JSStaticScopeObject.h: Inlined and de-virtualized isDynamicScope
        (JSC::JSStaticScopeObject::createStructure): Changed createStructure to use new JSType
        (JSC::JSStaticScopeObject::isDynamicScope):
        * runtime/JSType.h: Added new type for JSStaticScopeObject
        * runtime/JSVariableObject.cpp: De-virtualized and added an implementation that checks the
        object's type and calls the corresponding implementation.
        (JSC::JSVariableObject::isDynamicScope):
        * runtime/JSVariableObject.h:

2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>

        De-virtualize JSGlobalObject::hasOwnPropertyForWrite
        https://bugs.webkit.org/show_bug.cgi?id=71934

        Reviewed by Geoffrey Garen.

        * runtime/JSGlobalObject.h: Removed the virtual-ness of hasOwnPropertyForWrite since nobody overrides it.

2011-11-09  Gavin Barraclough  <barraclough@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=71873

        Reviewed by Geoff Garen.

        Incrementally re-landing these changes, trying to determine what went wrong.
        (The whole patch failed tests on the build bot but worked locally.)

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::absDouble):
        * assembler/MacroAssemblerARMv7.h:
        * assembler/MacroAssemblerMIPS.h:
        (JSC::MacroAssemblerMIPS::absDouble):
        * assembler/MacroAssemblerSH4.h:
        (JSC::MacroAssemblerSH4::absDouble):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::absDouble):
        * assembler/MacroAssemblerX86Common.h:
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::absDouble):
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
        * jit/ThunkGenerators.cpp:
        (JSC::absThunkGenerator):

2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>

        De-virtualize JSObject::getOwnPropertyDescriptor
        https://bugs.webkit.org/show_bug.cgi?id=71523

        Reviewed by Sam Weinig.

        Added getOwnPropertyDescriptor to the MethodTable, changed all of the
        virtual versions of getOwnPropertyDescriptor to static ones, and
        changed all of the call sites to the corresponding lookup in the MethodTable.

        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::::getOwnPropertyDescriptor):
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::getOwnPropertyDescriptor):
        * debugger/DebuggerActivation.h:
        * runtime/Arguments.cpp:
        (JSC::Arguments::getOwnPropertyDescriptor):
        * runtime/Arguments.h:
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::getOwnPropertyDescriptor):
        * runtime/ArrayConstructor.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::getOwnPropertyDescriptor):
        * runtime/ArrayPrototype.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::getOwnPropertyDescriptor):
        * runtime/BooleanPrototype.h:
        * runtime/ClassInfo.h:
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::getOwnPropertyDescriptor):
        * runtime/DateConstructor.h:
        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::getOwnPropertyDescriptor):
        * runtime/DatePrototype.h:
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::getOwnPropertyDescriptor):
        * runtime/ErrorPrototype.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertyDescriptor):
        * runtime/JSArray.h:
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::getOwnPropertyDescriptor):
        * runtime/JSByteArray.h:
        * runtime/JSCell.cpp:
        (JSC::JSCell::getOwnPropertyDescriptor):
        * runtime/JSCell.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::getOwnPropertyDescriptor):
        * runtime/JSFunction.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::getOwnPropertyDescriptor):
        * runtime/JSGlobalObject.h:
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::getOwnPropertyDescriptor):
        * runtime/JSNotAnObject.h:
        * runtime/JSONObject.cpp:
        (JSC::JSONObject::getOwnPropertyDescriptor):
        * runtime/JSONObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::vtableAnchor):
        (JSC::JSObject::propertyIsEnumerable):
        (JSC::JSObject::getOwnPropertyDescriptor):
        (JSC::JSObject::getPropertyDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        * runtime/JSString.cpp: Removed getOwnPropertyDescriptor, since this seems to be a relic from a
        bygone era when getOwnPropertyDescriptor was rooted in JSCell rather than JSObject.  There were
        no call sites for this version of getOwnPropertyDescriptor in the entire project.
        * runtime/JSString.h:
        * runtime/Lookup.h:
        (JSC::getStaticPropertyDescriptor):
        (JSC::getStaticFunctionDescriptor):
        (JSC::getStaticValueDescriptor):
        * runtime/MathObject.cpp:
        (JSC::MathObject::getOwnPropertyDescriptor):
        * runtime/MathObject.h:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::getOwnPropertyDescriptor):
        * runtime/NumberConstructor.h:
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::getOwnPropertyDescriptor):
        * runtime/NumberPrototype.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::getOwnPropertyDescriptor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/ObjectConstructor.h:
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::getOwnPropertyDescriptor):
        * runtime/ObjectPrototype.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::getOwnPropertyDescriptor):
        * runtime/RegExpConstructor.h:
        * runtime/RegExpMatchesArray.h:
        (JSC::RegExpMatchesArray::getOwnPropertyDescriptor):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::getOwnPropertyDescriptor):
        * runtime/RegExpObject.h:
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::getOwnPropertyDescriptor):
        * runtime/RegExpPrototype.h:
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::getOwnPropertyDescriptor):
        * runtime/StringConstructor.h:
        * runtime/StringObject.cpp:
        (JSC::StringObject::vtableAnchor): Added to prevent a weak vtable.
        (JSC::StringObject::getOwnPropertyDescriptor):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::getOwnPropertyDescriptor):
        * runtime/StringPrototype.h:

2011-11-09  Gavin Barraclough  <barraclough@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=71873

        Reviewed by Geoff Garen.

        Incrementally re-landing these changes, trying to determine what went wrong.
        (The whole patch failed tests on the build bot but worked locally.)

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::supportsFloatingPoint):
        (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerARM::supportsFloatingPointAbs):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::supportsFloatingPoint):
        (JSC::MacroAssemblerARMv7::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerARMv7::supportsFloatingPointAbs):
        * assembler/MacroAssemblerMIPS.h:
        (JSC::MacroAssemblerMIPS::supportsFloatingPoint):
        (JSC::MacroAssemblerMIPS::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerMIPS::supportsFloatingPointAbs):
        * assembler/MacroAssemblerSH4.h:
        (JSC::MacroAssemblerSH4::supportsFloatingPoint):
        (JSC::MacroAssemblerSH4::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerSH4::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerSH4::supportsFloatingPointAbs):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::supportsFloatingPoint):
        (JSC::MacroAssemblerX86::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerX86::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerX86::supportsFloatingPointAbs):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::supportsFloatingPoint):
        (JSC::MacroAssemblerX86_64::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerX86_64::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerX86_64::supportsFloatingPointAbs):
        * jit/ThunkGenerators.cpp:
        (JSC::absThunkGenerator):

2011-11-08  Darin Adler  <darin@apple.com>

        Add code path in HashTable for emptyValueIsZero that does not require copying the empty value
        https://bugs.webkit.org/show_bug.cgi?id=71875

        Reviewed by Anders Carlsson.

        This is a step along the path of making OwnPtr work as HashMap value types.

        * wtf/Alignment.h: Moved the AlignedBufferChar and AlignedBuffer types from Vector.h here.
        Also fixed include style. To include other WTF headers inside WTF, we use "" includes.
        I did not change the code to fix style checker complaints.

        * wtf/HashTable.h: Added includes as needed and fixed include style.
        (WTF::doubleHash): Removed the unneeded and inappropriate "static" in this function, which
        gave it internal linkage for no good reason.
        (WTF::HashTable::checkKey): Made this use AlignedBuffer for the deleted value check to avoid
        construction/destruction problems instead of doing the trick where we construct and destroy
        an empty value twice. It's cleaner and simpler and avoids copying the empty value.
        (WTF::HashTable::initializeBucket): Specialized initializeBucket to use memset when the
        empty value is zero rather than copying an empty value.

        * wtf/Vector.h: Moved the AlignedBufferChar and AlignedBuffer types into Alignment.h.
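
The two bucket-initialisation paths this entry describes, as an added C++ illustration that is not WTF's code: a memset path selected when a value type's HashTraits say emptyValueIsZero, a copying path otherwise, and a checkKey that builds the deleted value inside an AlignedBuffer instead of constructing an empty value. The Box type (a stand-in for OwnPtr), the Table class, the -1/-2 sentinels and the trait names are this example's own assumptions.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <new>
#include <type_traits>
#include <utility>

namespace demo {

// Move-only value (stands in for OwnPtr). Its all-zero bit pattern is a valid, null Box.
struct Box {
    int* p = nullptr;
    Box() = default;
    explicit Box(int* q) : p(q) {}
    Box(Box&&) = default;
    Box& operator=(Box&&) = default;
    Box(const Box&) = delete;
    Box& operator=(const Box&) = delete;
};

inline int* deletedSentinel() { return reinterpret_cast<int*>(static_cast<uintptr_t>(-1)); }

template<typename T> struct HashTraits;   // specialised per value type

template<> struct HashTraits<int> {
    static const bool emptyValueIsZero = false;   // -1 marks empty, so an empty value must be copied in
    static int emptyValue() { return -1; }
    static bool isEmptyValue(int v) { return v == -1; }
    static void constructDeletedValue(int& slot) { slot = -2; }
    static bool isDeletedValue(int v) { return v == -2; }
};

template<> struct HashTraits<Box> {
    static const bool emptyValueIsZero = true;    // memset(0) yields the empty Box
    // No emptyValue() on purpose: Box cannot be copied, so the copying path must never instantiate.
    static bool isEmptyValue(const Box& b) { return b.p == nullptr; }
    static void constructDeletedValue(Box& slot) { slot.p = deletedSentinel(); }
    static bool isDeletedValue(const Box& b) { return b.p == deletedSentinel(); }
};

// Correctly aligned raw storage for one T; nothing is ever copied into it.
template<typename T> struct AlignedBuffer {
    alignas(T) unsigned char bytes[sizeof(T)];
    T* get() { return reinterpret_cast<T*>(bytes); }
};

// initializeBucket, specialised on emptyValueIsZero by tag dispatch.
template<typename T> inline void initializeBucketImpl(T& slot, std::true_type) {
    static_assert(std::is_trivially_destructible<T>::value, "zeroed storage must not need a destructor");
    std::memset(static_cast<void*>(&slot), 0, sizeof(T));           // no empty value constructed or copied
}
template<typename T> inline void initializeBucketImpl(T& slot, std::false_type) {
    new (static_cast<void*>(&slot)) T(HashTraits<T>::emptyValue()); // generic path: needs a copyable T
}
template<typename T> inline void initializeBucket(T& slot) {
    initializeBucketImpl(slot, std::integral_constant<bool, HashTraits<T>::emptyValueIsZero>());
}

// checkKey: a key may be neither the empty nor the deleted value. The deleted value
// is built in an AlignedBuffer and compared bytewise, so no empty value is
// constructed, copied or destroyed just to perform the check.
template<typename T> inline bool keyIsValid(const T& key) {
    if (HashTraits<T>::isEmptyValue(key)) return false;
    AlignedBuffer<T> deleted;
    HashTraits<T>::constructDeletedValue(*deleted.get());
    return std::memcmp(&key, deleted.bytes, sizeof(T)) != 0;
}

// Fixed-capacity table; a linear scan stands in for hashing since only the
// bucket life cycle (empty -> live -> deleted) matters here.
template<typename T, size_t N> class Table {
public:
    Table() { for (size_t i = 0; i < N; ++i) initializeBucket(slot(i)); }
    ~Table() { for (size_t i = 0; i < N; ++i) if (isLive(i)) slot(i).~T(); }
    bool add(T&& v) {
        if (!keyIsValid(v)) return false;
        for (size_t i = 0; i < N; ++i)
            if (!isLive(i)) { new (static_cast<void*>(&slot(i))) T(std::move(v)); return true; }
        return false;                                     // full
    }
    void remove(size_t i) {
        if (!isLive(i)) return;
        slot(i).~T();
        HashTraits<T>::constructDeletedValue(slot(i));    // tombstone, not empty
    }
    bool isLive(size_t i) const {
        return !HashTraits<T>::isEmptyValue(slot(i)) && !HashTraits<T>::isDeletedValue(slot(i));
    }
    size_t liveCount() const { size_t n = 0; for (size_t i = 0; i < N; ++i) n += isLive(i); return n; }
    T& slot(size_t i) { return *reinterpret_cast<T*>(m_storage + i * sizeof(T)); }
    const T& slot(size_t i) const { return *reinterpret_cast<const T*>(m_storage + i * sizeof(T)); }
private:
    alignas(T) unsigned char m_storage[N * sizeof(T)];
};

} // namespace demo
```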

2011-11-09  Gabor Rapcsanyi  <rgabor@webkit.org>

        Buildfix for 32bit debug mode.

        Reviewed by Csaba Osztrogonác.

        * dfg/DFGAbstractState.cpp:
        (JSC::DFG::AbstractState::dump):
        * dfg/DFGGraph.cpp:
        (JSC::DFG::Graph::dump):

2011-11-09  Andy Wingo  <wingo@igalia.com>

        Enable the DFG JIT on X86-64 Linux platforms
        https://bugs.webkit.org/show_bug.cgi?id=71373

        Reviewed by Csaba Osztrogonác.

        * wtf/Platform.h (ENABLE_DFG_JIT): Enable the DFG JIT on the
        x86-64 GNU/Linux platform.
        * CMakeListsEfl.txt: Add JSValue64 implementations to EFL build.

2011-11-09  Csaba Osztrogonác  <ossy@webkit.org>

        Enable the DFG JIT on x86-64 Linux platforms
        https://bugs.webkit.org/show_bug.cgi?id=71373

        Enable DFG JIT by default on X86 Linux and Mac platforms
        https://bugs.webkit.org/show_bug.cgi?id=71686

        Buildfix for stricter compilers: -Werror=unused-but-set-variable

        Reviewed by Zoltan Herczeg.

        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compilePutByValForByteArray):
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):

2011-11-09  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r99678.
        http://trac.webkit.org/changeset/99678
        https://bugs.webkit.org/show_bug.cgi?id=71882

        broke the build with -Werror=unused-but-set-variable
        (Requested by tronical_ on #webkit).

        * CMakeListsEfl.txt:
        * wtf/Platform.h:

2011-11-09  Andy Wingo  <wingo@igalia.com>

        Enable the DFG JIT on X86-64 Linux platforms
        https://bugs.webkit.org/show_bug.cgi?id=71373

        Reviewed by Filip Pizlo.

        * wtf/Platform.h (ENABLE_DFG_JIT): Enable the DFG JIT on the
        x86-64 GNU/Linux platform.
        * CMakeListsEfl.txt: Add JSValue64 implementations to EFL build.

2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>

        De-virtualize JSObject::defineOwnProperty
        https://bugs.webkit.org/show_bug.cgi?id=71429

        Reviewed by Geoffrey Garen.

        Added defineOwnProperty to the MethodTable, changed all the virtual
        implementations of defineOwnProperty to static ones, and replaced
        all call sites with corresponding lookups in the MethodTable.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * runtime/Arguments.cpp:
        (JSC::Arguments::createStrictModeCallerIfNecessary):
        (JSC::Arguments::createStrictModeCalleeIfNecessary):
        * runtime/ClassInfo.h:
        * runtime/JSCell.cpp:
        (JSC::JSCell::defineOwnProperty):
        * runtime/JSCell.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::objectConstructorDefineProperty):
        (JSC::defineProperties):
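
The two de-virtualization techniques used by the isDynamicScope, getOwnPropertyDescriptor and defineOwnProperty entries above, as an added C++ illustration that is not JavaScriptCore's code: a MethodTable of static functions reached through the cell's ClassInfo, and a JSType tag that a non-virtual isDynamicScope switches on. The demo's ClassInfo/MethodTable layout, the FrozenObject class and the simplified isDynamicScope rules (activation dynamic only when it requires dynamic checks, global object always, static scope never) are this example's assumptions.

```cpp
#include <cstdint>
#include <cstdlib>
#include <string>

namespace demo {

// JSType tag stored on every cell; JSStaticScopeObject got its own value in this change.
enum JSType : uint8_t { ActivationType, GlobalObjectType, StaticScopeObjectType, ObjectType };

struct JSCell;
struct PropertyDescriptor { std::string value; bool writable; };

// Technique 1: a MethodTable of *static* functions, each taking the receiver
// explicitly. Calls go through the table found via the cell's ClassInfo, so no
// per-object vtable pointer and no virtual call are involved.
struct MethodTable {
    bool (*getOwnPropertyDescriptor)(JSCell*, const std::string&, PropertyDescriptor&);
    bool (*defineOwnProperty)(JSCell*, const std::string&, const PropertyDescriptor&);
};

struct ClassInfo {
    const char* className;
    const ClassInfo* parentClass;
    MethodTable methodTable;
};

struct JSCell {
    const ClassInfo* classInfo;  // stands in for structure()->classInfo()
    JSType type;
    JSCell(const ClassInfo* ci, JSType t) : classInfo(ci), type(t) {}
    const MethodTable* methodTable() const { return &classInfo->methodTable; }
};

// Base behaviour (JSObject). One property slot is enough to show the dispatch.
struct JSObject : JSCell {
    std::string key, val;
    bool writable = true;
    explicit JSObject(const ClassInfo* ci = &s_info) : JSCell(ci, ObjectType) {}
    static bool getOwnPropertyDescriptor(JSCell* cell, const std::string& name, PropertyDescriptor& out) {
        JSObject* self = static_cast<JSObject*>(cell);
        if (name != self->key) return false;
        out.value = self->val;
        out.writable = self->writable;
        return true;
    }
    static bool defineOwnProperty(JSCell* cell, const std::string& name, const PropertyDescriptor& desc) {
        JSObject* self = static_cast<JSObject*>(cell);
        if (name == self->key && !self->writable) return false;  // read-only slot: reject
        self->key = name; self->val = desc.value; self->writable = desc.writable;
        return true;
    }
    static const ClassInfo s_info;
};
const ClassInfo JSObject::s_info = { "Object", nullptr,
    { &JSObject::getOwnPropertyDescriptor, &JSObject::defineOwnProperty } };

// A subclass "overrides" by putting its own static function into its own
// ClassInfo and inheriting the remaining entries from the parent table.
struct FrozenObject : JSObject {
    FrozenObject() : JSObject(&s_info) {}
    static bool defineOwnProperty(JSCell*, const std::string&, const PropertyDescriptor&) { return false; }
    static const ClassInfo s_info;
};
const ClassInfo FrozenObject::s_info = { "Frozen", &JSObject::s_info,
    { &JSObject::getOwnPropertyDescriptor, &FrozenObject::defineOwnProperty } };

// Technique 2: switch on the JSType tag instead of a virtual isDynamicScope.
// Each former override becomes an inline, type-specific function. The rules
// below are a simplification assumed for the demo, not JSC's exact semantics.
struct JSVariableObject : JSCell {
    bool requiresDynamicChecks;
    JSVariableObject(JSType t, bool dynamicChecks = false)
        : JSCell(nullptr, t), requiresDynamicChecks(dynamicChecks) {}
    bool isDynamicScope() const;  // non-virtual
};
inline bool activationIsDynamicScope(const JSVariableObject& o) { return o.requiresDynamicChecks; }
inline bool globalObjectIsDynamicScope(const JSVariableObject&) { return true; }
inline bool staticScopeIsDynamicScope(const JSVariableObject&) { return false; }

bool JSVariableObject::isDynamicScope() const {
    switch (type) {
    case ActivationType:        return activationIsDynamicScope(*this);
    case GlobalObjectType:      return globalObjectIsDynamicScope(*this);
    case StaticScopeObjectType: return staticScopeIsDynamicScope(*this);
    default:
        // Every JSType that is a JSVariableObject must appear above. A new
        // subclass that forgets to register its type gets no compiler help,
        // which is the price of trading the vtable for a hand-written switch.
        std::abort();
    }
}

} // namespace demo
```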

2011-11-09  Simon Hausmann  <simon.hausmann@nokia.com>

        [Qt] Build system cleanup
        https://bugs.webkit.org/show_bug.cgi?id=71815

        Reviewed by Kenneth Rohde Christiansen.

        * wtf/wtf.pri: Moved the glib dependency to javascriptcore.prf.

2011-11-08  Simon Hausmann  <simon.hausmann@nokia.com>

        [Qt] Replace use of QApplication with QGuiApplication
        https://bugs.webkit.org/show_bug.cgi?id=71794

        Reviewed by Andreas Kling.

        Add compat headers for use when building with Qt 4: QGuiApplication
        is typedef'ed to QApplication.

        * wtf/qt/compat/QGuiApplication: Added.
        * wtf/qt/compat/qguiapplication.h: Added.

2011-11-08  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r99647.
        http://trac.webkit.org/changeset/99647
        https://bugs.webkit.org/show_bug.cgi?id=71876

        It broke jsc and layout tests on all bots (Requested by
        Ossy_night on #webkit).

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::supportsFloatingPoint):
        (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerARM::supportsDoubleBitops):
        (JSC::MacroAssemblerARM::andnotDouble):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::supportsFloatingPoint):
        (JSC::MacroAssemblerARMv7::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerARMv7::supportsDoubleBitops):
        * assembler/MacroAssemblerMIPS.h:
        (JSC::MacroAssemblerMIPS::andnotDouble):
        (JSC::MacroAssemblerMIPS::supportsFloatingPoint):
        (JSC::MacroAssemblerMIPS::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerMIPS::supportsDoubleBitops):
        * assembler/MacroAssemblerSH4.h:
        (JSC::MacroAssemblerSH4::supportsFloatingPoint):
        (JSC::MacroAssemblerSH4::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerSH4::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerSH4::supportsDoubleBitops):
        (JSC::MacroAssemblerSH4::andnotDouble):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::MacroAssemblerX86):
        (JSC::MacroAssemblerX86::supportsFloatingPoint):
        (JSC::MacroAssemblerX86::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerX86::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerX86::supportsDoubleBitops):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::andnotDouble):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::supportsFloatingPoint):
        (JSC::MacroAssemblerX86_64::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerX86_64::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerX86_64::supportsDoubleBitops):
        * assembler/X86Assembler.h:
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::handleIntrinsic):
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
        * jit/ThunkGenerators.cpp:
        (JSC::absThunkGenerator):
        * runtime/JSGlobalData.cpp:

2011-11-08  Gavin Barraclough  <barraclough@apple.com>

        Better abstract 'abs' operation through the MacroAssembler.
        https://bugs.webkit.org/show_bug.cgi?id=71873

        Reviewed by Geoff Garen.

        Currently the x86 specific instruction sequence to perform a double abs
        is duplicated throughout the JITs / thunk generators.

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::supportsFloatingPoint):
        (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerARM::supportsFloatingPointAbs):
        (JSC::MacroAssemblerARM::absDouble):
            - Renamed supportsFloatingPointAbs, make these methods static so that
              we can check the JIT's capabilities before we begin compilation.
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::supportsFloatingPoint):
        (JSC::MacroAssemblerARMv7::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerARMv7::supportsFloatingPointAbs):
            - Renamed supportsFloatingPointAbs, make these methods static so that
              we can check the JIT's capabilities before we begin compilation.
        * assembler/MacroAssemblerMIPS.h:
        (JSC::MacroAssemblerMIPS::absDouble):
        (JSC::MacroAssemblerMIPS::supportsFloatingPoint):
        (JSC::MacroAssemblerMIPS::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerMIPS::supportsFloatingPointAbs):
            - Renamed supportsFloatingPointAbs, make these methods static so that
              we can check the JIT's capabilities before we begin compilation.
        * assembler/MacroAssemblerSH4.h:
        (JSC::MacroAssemblerSH4::supportsFloatingPoint):
        (JSC::MacroAssemblerSH4::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerSH4::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerSH4::supportsFloatingPointAbs):
        (JSC::MacroAssemblerSH4::absDouble):
            - Renamed supportsFloatingPointAbs, make these methods static so that
              we can check the JIT's capabilities before we begin compilation.
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::absDouble):
        (JSC::MacroAssemblerX86::supportsFloatingPoint):
        (JSC::MacroAssemblerX86::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerX86::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerX86::supportsFloatingPointAbs):
            - Made supports* methods static so that we can check the JIT's
              capabilities before we begin compilation. Added absDouble.
        * assembler/MacroAssemblerX86Common.h:
            - Removed andnotDouble, added s_maskSignBit.
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::absDouble):
        (JSC::MacroAssemblerX86_64::supportsFloatingPoint):
        (JSC::MacroAssemblerX86_64::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerX86_64::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerX86_64::supportsFloatingPointAbs):
            - Made supports* methods static so that we can check the JIT's
              capabilities before we begin compilation. Added absDouble.
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::andpd_rr):
        (JSC::X86Assembler::andpd_mr):
            - Added support for andpd instruction.
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::handleIntrinsic):
            - Added checks for supportsFloatingPointAbs, supportsFloatingPointSqrt.
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
            - Switched to use doubleAbs, we can now also reuse the operand register for the result.
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
            - Switched to use doubleAbs, we can now also reuse the operand register for the result.
        * jit/ThunkGenerators.cpp:
            - Switched to use doubleAbs.
        (JSC::absThunkGenerator):
        * runtime/JSGlobalData.cpp:
            - Declared MacroAssemblerX86Common::s_maskSignBit here.
              This is a little ugly, but it doesn't seem worth adding a whole extra .cpp
              to the compile for just one constant.
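
What the single `andpd` against s_maskSignBit computes, as an added C++ illustration rather than JSC's code: clear bit 63 of the IEEE-754 encoding and leave every other bit alone, which is why one register can serve as both operand and result and why the edge cases differ from a branchy compare-and-negate. The names absDouble, absDoubleViaAndNot and kMaskSignBit, and the NaN payload used in the check, are this example's own.

```cpp
#include <cmath>
#include <cstdint>
#include <cstring>

namespace demo {

// One 64-bit lane of the constant JSC names s_maskSignBit: every bit set except the sign.
static const uint64_t kMaskSignBit = 0x7FFFFFFFFFFFFFFFull;

inline uint64_t bitsOf(double d) { uint64_t u; std::memcpy(&u, &d, sizeof u); return u; }
inline double doubleOf(uint64_t u) { double d; std::memcpy(&d, &u, sizeof d); return d; }

// absDouble: dst = src & s_maskSignBit. No branch, no compare, no dependence on
// the value; the same register may hold src and dst.
inline double absDouble(double src) { return doubleOf(bitsOf(src) & kMaskSignBit); }

// The andnot form (dst = ~signBit & src) that the change replaces. Bitwise the
// result is identical; the cost was a second constant and a sequence copied
// into every JIT tier and thunk.
inline double absDoubleViaAndNot(double src) {
    const uint64_t signBit = 0x8000000000000000ull;
    return doubleOf(~signBit & bitsOf(src));
}

// Behaviour a mask has and a `x < 0 ? -x : x` does not guarantee:
//   -0.0 -> +0.0, -inf -> +inf, and a NaN keeps its payload with only the sign cleared.
inline bool absClearsNegativeZero() { return bitsOf(absDouble(-0.0)) == 0 && !std::signbit(absDouble(-0.0)); }
inline bool absPreservesNaNPayload() {
    double nan = doubleOf(0xFFF8000000001234ull);          // constructed: negative quiet NaN, payload 0x1234
    return bitsOf(absDouble(nan)) == 0x7FF8000000001234ull;
}
inline bool absMatchesFabs(double x) { return bitsOf(absDouble(x)) == bitsOf(std::fabs(x)); }

} // namespace demo
```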

2011-11-08  Gavin Barraclough  <barraclough@apple.com>

        Move duplicates of SYMBOL_STRING* macros to the single location
        https://bugs.webkit.org/show_bug.cgi?id=71456

        Reviewed by Sam Weinig.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * dfg/DFGOperations.cpp:
        * jit/JITStubs.cpp:
        * wtf/InlineASM.h: Added.
            - Moved asm related macros.

2011-11-08  Gavin Barraclough  <barraclough@apple.com>

        Move code to handle 8bit regs from X86Assembler to MacroAssembler
        https://bugs.webkit.org/show_bug.cgi?id=71867

        Reviewed by Oliver Hunt.

        This code is fine, but is in the wrong place really. X86 assembler should
        basically just format up exactly the instruction you request - not expand
        out to a set of instructions (that is what the macro assembler layer is
        for!). For other 8-bit ops, on X86 we don't guard against clients accessing
        the XH registers.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::store8):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movb_rm):
            - moved some code.

2011-11-08  Filip Pizlo  <fpizlo@apple.com>

        Unreviewed build fix for GTK.

        * GNUmakefile.list.am:

2011-11-08  Gavin Barraclough  <barraclough@apple.com>

        Build fix.

        * assembler/X86Assembler.h:

2011-11-08  Gavin Barraclough  <barraclough@apple.com>

        Errrk, failed to commit this in last change.

        * assembler/X86Assembler.h:

2011-11-08  Gavin Barraclough  <barraclough@apple.com>

        Remove an unused method.

        Rubber stamped by Geoff Garen.

        * assembler/AbstractMacroAssembler.h:
        * assembler/AssemblerBuffer.h:
            - removed rewindToLabel.

2011-11-08  Gavin Barraclough  <barraclough@apple.com>

        Fix OSR entry points to calculate offsets correctly WRT branch compaction.
        https://bugs.webkit.org/show_bug.cgi?id=71864

        Reviewed by Filip Pizlo.

        * assembler/LinkBuffer.h:
        (JSC::LinkBuffer::offsetOf):
            - We use this to return the offsets into the code of the entry points.
        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::compileEntry):
        (JSC::DFG::JITCompiler::compileBody):
        (JSC::DFG::JITCompiler::compile):
        (JSC::DFG::JITCompiler::compileFunction):
            - Move the construction of the speculative JIT outside of
              compileBody, such that it is still available to link the
              OSR entry points at the point we are linking.
        * dfg/DFGJITCompiler.h:
        (JSC::DFG::JITCompiler::noticeOSREntry):
            - Pass the label of the block & linkbuffer into noticeOSREntry.
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
        (JSC::DFG::SpeculativeJIT::linkOSREntries):
            - Moved call to noticeOSREntry until we are linking.
        * dfg/DFGSpeculativeJIT.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
            - Moved calculation of entries until we are linking.
        * jit/JIT.h:
            - Removed some members.

2011-11-08  Filip Pizlo  <fpizlo@apple.com>

        DFG OSR exit code should be generated by a separate compiler, not
        related to DFG::JITCompiler
        https://bugs.webkit.org/show_bug.cgi?id=71787

        Reviewed by Gavin Barraclough.

        Moves the exitSpeculativeWithOSR() method from JITCompiler to
        OSRExitCompiler::compileExit().

        * CMakeListsEfl.txt:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * Target.pri:
        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::linkOSRExits):
        * dfg/DFGJITCompiler32_64.cpp: Removed.
        * dfg/DFGOSRExitCompiler.h: Added.
        (JSC::DFG::OSRExitCompiler::OSRExitCompiler):
        * dfg/DFGOSRExitCompiler32_64.cpp: Added.
        (JSC::DFG::OSRExitCompiler::compileExit):
        * dfg/DFGOSRExitCompiler64.cpp: Added.
        (JSC::DFG::OSRExitCompiler::compileExit):
        * runtime/JSValue.h:

2011-11-08  Filip Pizlo  <fpizlo@apple.com>

        Basic DFG definitions should be moved out of DFGNode.h
        https://bugs.webkit.org/show_bug.cgi?id=71861

        Rubber-stamped by Gavin Barraclough.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * dfg/DFGCommon.h: Added.
        (JSC::DFG::NodeIndexTraits::defaultValue):
        * dfg/DFGNode.h:
        * dfg/DFGOSRExit.h:
        * dfg/DFGRegisterBank.h:

2011-11-08  Michael Saboff  <msaboff@apple.com>

        Towards 8 Bit Strings: Templatize JSC::Parser class by Lexer type
        https://bugs.webkit.org/show_bug.cgi?id=71761

        Templatized Parser based on Lexer<T>. Moved two enums,
        SourceElementsMode and FunctionRequirements out of Parser definition
        to work around a clang compiler defect.

        Cleaned up SourceCode data() to return StringImpl* and eliminated
        the recently added stringData() virtual method.

        To keep code in Parser.cpp and keep Parser.h small, the two flavors
        of Parser are explicitly instantiated at the end of Parser.cpp.

        Reviewed by Gavin Barraclough.

        * interpreter/Interpreter.cpp:
        (JSC::appendSourceToError):
        * parser/Lexer.cpp:
        (JSC::::setCode):
        (JSC::::sourceCode):
        * parser/Parser.cpp:
        (JSC::::Parser):
        (JSC::::~Parser):
        (JSC::::parseInner):
        (JSC::::didFinishParsing):
        (JSC::::allowAutomaticSemicolon):
        (JSC::::parseSourceElements):
        (JSC::::parseVarDeclaration):
        (JSC::::parseConstDeclaration):
        (JSC::::parseDoWhileStatement):
        (JSC::::parseWhileStatement):
        (JSC::::parseVarDeclarationList):
        (JSC::::parseConstDeclarationList):
        (JSC::::parseForStatement):
        (JSC::::parseBreakStatement):
        (JSC::::parseContinueStatement):
        (JSC::::parseReturnStatement):
        (JSC::::parseThrowStatement):
        (JSC::::parseWithStatement):
        (JSC::::parseSwitchStatement):
        (JSC::::parseSwitchClauses):
        (JSC::::parseSwitchDefaultClause):
        (JSC::::parseTryStatement):
        (JSC::::parseDebuggerStatement):
        (JSC::::parseBlockStatement):
        (JSC::::parseStatement):
        (JSC::::parseFormalParameters):
        (JSC::::parseFunctionBody):
        (JSC::::parseFunctionInfo):
        (JSC::::parseFunctionDeclaration):
        (JSC::::parseExpressionOrLabelStatement):
        (JSC::::parseExpressionStatement):
        (JSC::::parseIfStatement):
        (JSC::::parseExpression):
        (JSC::::parseAssignmentExpression):
        (JSC::::parseConditionalExpression):
        (JSC::::isBinaryOperator):
        (JSC::::parseBinaryExpression):
        (JSC::::parseProperty):
        (JSC::::parseObjectLiteral):
        (JSC::::parseStrictObjectLiteral):
        (JSC::::parseArrayLiteral):
        (JSC::::parsePrimaryExpression):
        (JSC::::parseArguments):
        (JSC::::parseMemberExpression):
        (JSC::::parseUnaryExpression):
        * parser/Parser.h:
        (JSC::::parse):
        (JSC::parse):
        * parser/SourceCode.h:
        (JSC::SourceCode::data):
        (JSC::SourceCode::subExpression):
        * parser/SourceProvider.h:
        (JSC::UStringSourceProvider::data):

2011-11-08  Gavin Barraclough  <barraclough@apple.com>

        Fix PropertyAccessRecords in DFG JIT to take account of branch compaction.
        https://bugs.webkit.org/show_bug.cgi?id=71855

        Reviewed by Filip Pizlo.

        The DFG JIT presently calculates a set of offsets early, before branches have been compacted.
        This won't work on ARMv7.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::differenceBetweenCodePtr):
        * assembler/LinkBuffer.h:
        (JSC::LinkBuffer::locationOf):
        * dfg/DFGJITCodeGenerator32_64.cpp:
        (JSC::DFG::JITCodeGenerator::cachedGetById):
        (JSC::DFG::JITCodeGenerator::cachedPutById):
        * dfg/DFGJITCodeGenerator64.cpp:
        (JSC::DFG::JITCodeGenerator::cachedGetById):
        (JSC::DFG::JITCodeGenerator::cachedPutById):
        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::link):
        * dfg/DFGJITCompiler.h:
        (JSC::DFG::PropertyAccessRecord::PropertyAccessRecord):
        (JSC::DFG::JITCompiler::addPropertyAccess):

2011-11-08  Gavin Barraclough  <barraclough@apple.com>

        DFG JIT calculation of OSR entry points is not THUMB2 safe
        https://bugs.webkit.org/show_bug.cgi?id=71852

        Reviewed by Oliver Hunt.

        Executable addresses are tagged with a low bit set to distinguish
        between THUMB2 and traditional ARM.

        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
        * dfg/DFGJITCompiler32_64.cpp:
        (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
        * dfg/DFGOSREntry.cpp:
        (JSC::DFG::prepareOSREntry):
        * jit/JITCode.h:
        (JSC::JITCode::executableAddressAtOffset):
        (JSC::JITCode::start):
        (JSC::JITCode::size):
747
748 2011-11-08  Michael Saboff  <msaboff@apple.com>
749
750         JSC::Parser::Parser leaks Lexer member
751         https://bugs.webkit.org/show_bug.cgi?id=71847
752
753         Changed m_lexer member of Parser to be OwnPtr to fix a memory leak.
754
755         Reviewed by Oliver Hunt.
756
757         * parser/Parser.cpp:
758         (JSC::Parser::Parser):
759         (JSC::Parser::parseFunctionBody):
760         * parser/Parser.h:
761
762 2011-11-08  Yuqiang Xian  <yuqiang.xian@intel.com>
763
764         Enable DFG JIT by default on X86 Linux and Mac platforms
765         https://bugs.webkit.org/show_bug.cgi?id=71686
766
767         Reviewed by Filip Pizlo.
768
769         We can get 9% on SunSpider, 89% on Kraken and 37% on V8, on Linux X86.
770
771         * wtf/Platform.h:
772
773 2011-11-08  Yuqiang Xian  <yuqiang.xian@intel.com>
774
775         DFG 32_64 - update make lists for efl, gtk, and Qt ports with DFG change r99519
776         https://bugs.webkit.org/show_bug.cgi?id=71768
777
778         Reviewed by Geoffrey Garen.
779
780         Also includes a fix to make the newly introduced AssemblyHelpers
781         friend of JSValue as we need the Tag definitions.
782
783         * CMakeListsEfl.txt:
784         * GNUmakefile.list.am:
785         * Target.pri:
786         * runtime/JSValue.h:
787
788 2011-11-07  Yuqiang Xian  <yuqiang.xian@intel.com>
789
790         Fix gcc 4.4 compilation warnings in DFG 32_64
791         https://bugs.webkit.org/show_bug.cgi?id=71762
792
793         Reviewed by Filip Pizlo.
794
795         * dfg/DFGJITCodeGenerator.h:
796         (JSC::DFG::JITCodeGenerator::registersMatched):
797
798 2011-11-07  Filip Pizlo  <fpizlo@apple.com>
799
800         DFG code base should allow for classes not related to DFG::JITCompiler
801         to use DFG idioms
802         https://bugs.webkit.org/show_bug.cgi?id=71746
803
804         Reviewed by Gavin Barraclough.
805
806         * JavaScriptCore.xcodeproj/project.pbxproj:
807         * dfg/DFGAssemblyHelpers.cpp: Added.
808         (JSC::DFG::AssemblyHelpers::decodedCodeMapFor):
809         (JSC::DFG::AssemblyHelpers::emitCount):
810         (JSC::DFG::AssemblyHelpers::setSamplingFlag):
811         (JSC::DFG::AssemblyHelpers::clearSamplingFlag):
812         (JSC::DFG::AssemblyHelpers::jitAssertIsInt32):
813         (JSC::DFG::AssemblyHelpers::jitAssertIsJSInt32):
814         (JSC::DFG::AssemblyHelpers::jitAssertIsJSNumber):
815         (JSC::DFG::AssemblyHelpers::jitAssertIsJSDouble):
816         (JSC::DFG::AssemblyHelpers::jitAssertIsCell):
817         * dfg/DFGAssemblyHelpers.h: Added.
818         * dfg/DFGJITCompiler.cpp:
819         * dfg/DFGJITCompiler.h:
820         (JSC::DFG::JITCompiler::JITCompiler):
821         (JSC::DFG::JITCompiler::graph):
822         * dfg/DFGJITCompiler32_64.cpp:
823         * dfg/DFGOSRExit.h: Added.
824         (JSC::DFG::SpeculationRecovery::SpeculationRecovery):
825         (JSC::DFG::SpeculationRecovery::type):
826         (JSC::DFG::SpeculationRecovery::dest):
827         (JSC::DFG::SpeculationRecovery::src):
828         (JSC::DFG::OSRExit::numberOfRecoveries):
829         (JSC::DFG::OSRExit::valueRecovery):
830         (JSC::DFG::OSRExit::isArgument):
831         (JSC::DFG::OSRExit::isVariable):
832         (JSC::DFG::OSRExit::argumentForIndex):
833         (JSC::DFG::OSRExit::variableForIndex):
834         (JSC::DFG::OSRExit::operandForArgument):
835         (JSC::DFG::OSRExit::operandForIndex):
836         * dfg/DFGSpeculativeJIT.h:
837
838 2011-11-07  Filip Pizlo  <fpizlo@apple.com>
839
840         Switch back to 1+1 value profiling buckets, since it didn't help on arewefastyet,
841         but it appears to help on other benchmarks.
842
843         Rubber stamped by Oliver Hunt.
844
845         * bytecode/ValueProfile.h:
846
847 2011-11-07  Ariya Hidayat  <ariya@sencha.com>
848
849         "use strict" can not contain escape sequences or line continuation
850         https://bugs.webkit.org/show_bug.cgi?id=71532
851
852         Reviewed by Darin Adler.
853
854         Store the actual literal length (before the escapes and line
855         continuation are encoded) while parsing the directive and use it
856         for the directive comparison.
857
858         * parser/Parser.cpp:
859         (JSC::Parser::parseSourceElements):
860         (JSC::Parser::parseStatement):
861         * parser/Parser.h:
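
The directive rule behind the entry above can be checked from JavaScript itself: a string literal whose value is "use strict" but whose raw source text contains an escape sequence or a line continuation is not a Use Strict Directive, which is exactly why the parser must compare the raw literal length rather than the decoded value. The block below is an added example, not code from this ChangeLog or from JavaScriptCore; the PROLOGUES table and the helper names are constructed for illustration. It goes slightly beyond the entry by also covering where in the prologue the directive sits. Bodies are built with new Function so the enclosing file's own strictness is irrelevant, and strict mode is detected by observing `this` on a receiverless call (undefined in strict code, the global object in sloppy code).

```javascript
// Added example, not JavaScriptCore code: which directive prologues actually
// switch a function into strict mode. ES5 requires the Use Strict Directive to
// be the exact source text "use strict" or 'use strict'; a literal whose value
// is "use strict" but whose raw text contains an escape sequence or a line
// continuation is an ordinary expression statement and leaves the code sloppy.

// Constructed function bodies. Each is handed to new Function, so strictness
// depends only on the body's own prologue, not on this file's mode.
const PROLOGUES = {
  exact:            '"use strict"; return this;',
  singleQuoted:     "'use strict'; return this;",
  unicodeEscape:    '"use\\u0020strict"; return this;',  // \u0020 is a space
  hexEscape:        '"\\x75se strict"; return this;',    // \x75 is "u"
  lineContinuation: '"use \\\nstrict"; return this;',    // backslash-newline inside the literal
  laterInPrologue:  '"some other directive"; "use strict"; return this;',
  afterStatement:   'var x = 1; "use strict"; return this;',
  none:             'return this;',
};

// A receiverless call passes `this` as undefined. Strict code keeps it
// undefined; sloppy code replaces it with the global object, so comparing
// against undefined tells the two modes apart without any side effects.
function isStrictBody(body) {
  const fn = new Function(body);
  return fn() === undefined;
}

// Classify every constructed prologue: true means the body runs in strict mode.
function classify(prologues = PROLOGUES) {
  const result = {};
  for (const [name, body] of Object.entries(prologues)) {
    result[name] = isStrictBody(body);
  }
  return result;
}

console.log(classify());
```

Only `exact`, `singleQuoted` and `laterInPrologue` come out strict; the three literals that decode to "use strict" via an escape or a line continuation do not, and neither does a directive that appears after the prologue has already ended with a real statement.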
862
863 2011-11-06  Filip Pizlo  <fpizlo@apple.com>
864
865         DFG operationCreateThis slow path may get the wrong callee in case of inlining
866         https://bugs.webkit.org/show_bug.cgi?id=71647
867
868         Reviewed by Oliver Hunt.
869         
870         No new tests because I only saw this manifest itself when I had other bugs
871         leading to spurious slow path executions.
872
873         * dfg/DFGJITCodeGenerator.h:
874         (JSC::DFG::callOperation):
875         * dfg/DFGOperations.cpp:
876         * dfg/DFGOperations.h:
877         * dfg/DFGSpeculativeJIT32_64.cpp:
878         (JSC::DFG::SpeculativeJIT::compile):
879         * dfg/DFGSpeculativeJIT64.cpp:
880         (JSC::DFG::SpeculativeJIT::compile):
881
882 2011-11-07  Mark Hahnenberg  <mhahnenberg@apple.com>
883
884         De-virtualize JSObject::putWithAttributes
885         https://bugs.webkit.org/show_bug.cgi?id=71716
886
887         Reviewed by Darin Adler.
888
889         Added putWithAttributes to the MethodTable, changed all the virtual 
890         implementations of putWithAttributes to static ones, and replaced 
891         all call sites with corresponding lookups in the MethodTable.
892
893         * API/JSObjectRef.cpp:
894         (JSObjectSetProperty):
895         * JavaScriptCore.exp:
896         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
897         * debugger/DebuggerActivation.cpp:
898         (JSC::DebuggerActivation::putWithAttributes):
899         * debugger/DebuggerActivation.h:
900         * interpreter/Interpreter.cpp:
901         (JSC::Interpreter::execute):
902         * runtime/ClassInfo.h:
903         * runtime/JSActivation.cpp:
904         (JSC::JSActivation::putWithAttributes):
905         * runtime/JSActivation.h:
906         * runtime/JSCell.cpp:
907         (JSC::JSCell::putWithAttributes):
908         * runtime/JSCell.h:
909         * runtime/JSGlobalObject.cpp:
910         (JSC::JSGlobalObject::putWithAttributes):
911         * runtime/JSGlobalObject.h:
912         * runtime/JSObject.cpp:
913         (JSC::JSObject::putWithAttributes):
914         (JSC::putDescriptor):
915         * runtime/JSObject.h:
916         * runtime/JSStaticScopeObject.cpp:
917         (JSC::JSStaticScopeObject::putWithAttributes):
918         * runtime/JSStaticScopeObject.h:
919         * runtime/JSVariableObject.cpp:
920         (JSC::JSVariableObject::putWithAttributes):
921         * runtime/JSVariableObject.h:
922
923 2011-11-07  Dmitry Lomov  <dslomov@google.com>
924
925         Unreviewed. Release build fix.
926
927         * parser/Lexer.cpp:
928         (JSC::assertCharIsIn8BitRange):
929
930 2011-11-07  Filip Pizlo  <fpizlo@apple.com>
931
932         Switch the value profiler back to 8 buckets, because we suspect that while this
933         is more expensive it's also more stable.
934
935         Rubber stamped by Geoff Garen.
936
937         * bytecode/ValueProfile.h:
938
939 2011-11-07  Andrew Wason  <rectalogic@rectalogic.com>
940
941         Uninitialized Heap member var
942         https://bugs.webkit.org/show_bug.cgi?id=71722
943
944         Reviewed by Filip Pizlo.
945
946         * heap/Heap.cpp:
947         (JSC::Heap::Heap): Initialize m_blockFreeingThreadShouldQuit
948
949 2011-11-07  Yuqiang Xian  <yuqiang.xian@intel.com>
950
951         DFG 32_64 - registers cannot be reused arbitrarily if speculation failures are possible
952         https://bugs.webkit.org/show_bug.cgi?id=71684
953
954         Reviewed by Filip Pizlo.
955
956         Currently in DFG JIT, we try to reuse the physical register of an
957         operand for temporary usage if the current use of the operand is the
958         last use. But sometimes this can be wrong, for example if there are
959         possible speculation failures and we need to fall back to the baseline JIT,
960         the value of the operand which is supposed to be held in the physical
961         register can be modified by register reusing. This fixes the last
962         inspector failures in layout test on Mac 32-bit if switching on DFG.
963
964         * dfg/DFGSpeculativeJIT32_64.cpp:
965         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
966         (JSC::DFG::SpeculativeJIT::compile):
967
968 2011-11-07  Ryosuke Niwa  <rniwa@webkit.org>
969
970         REGRESSION(r99436): Broke Snow Leopard debug build
971         https://bugs.webkit.org/show_bug.cgi?id=71713
972
973         Reviewed by Darin Adler.
974
975         Put the assertion in a template and use template specialization
976         to avoid warning when instantiated with UChar or LChar.
977
978         In the long term, we should have traits for unsigned integral types
979         and use that to specialize template instead of specializing it for UChar and LChar.
980
981         * parser/Lexer.cpp:
982         (JSC::assertCharIsIn8BitRange):
983         (JSC::::append8):
984
985 2011-11-07  ChangSeok Oh  <shivamidow@gmail.com>
986
987         [EFL] Support requestAnimationFrame API
988         https://bugs.webkit.org/show_bug.cgi?id=67112
989
990         Reviewed by Andreas Kling.
991
992         Let EFL port use REQUEST_ANIMATION_FRAME_TIMER.
993
994         * wtf/Platform.h:
995
996 2011-11-07  Michael Saboff  <msaboff@apple.com>
997
998         Towards 8 Bit Strings: Templatize JSC::Lexer class by character type
999         https://bugs.webkit.org/show_bug.cgi?id=71331
1000
1001         Change the Lexer class to be a template class based on the character
1002         type of the source.  In the process updated the parseIdentifier()
1003         and parseString() methods to create 8 bit strings where possible.
1004         Also added some helper methods for accumulating temporary string
1005         data in the 8 and 16 bit vectors.
1006
1007         Changed the SourceProvider::data() virtual method to return a
1008         StringImpl* instead of a UChar*.
1009
1010         Updated the KeywordLookup generator to create code to match keywords
1011         for both 8 and 16 bit source strings.
1012
1013         Due to a compiler bug (<rdar://problem/10194295>) moved enum
1014         definition outside of Lexer class declaration.  Remove second enum
1015         no longer needed.
1016
1017         Reviewed by Darin Adler.
1018
1019         * KeywordLookupGenerator.py:
1020         * interpreter/Interpreter.cpp:
1021         (JSC::Interpreter::callEval):
1022         * parser/Lexer.cpp:
1023         (JSC::::Lexer):
1024         (JSC::::~Lexer):
1025         (JSC::::getInvalidCharMessage):
1026         (JSC::::currentCharacter):
1027         (JSC::::setCode):
1028         (JSC::::internalShift):
1029         (JSC::::shift):
1030         (JSC::::peek):
1031         (JSC::::getUnicodeCharacter):
1032         (JSC::::shiftLineTerminator):
1033         (JSC::::lastTokenWasRestrKeyword):
1034         (JSC::::record8):
1035         (JSC::::append8):
1036         (JSC::::append16):
1037         (JSC::::record16):
1038         (JSC::::parseIdentifier):
1039         (JSC::::parseIdentifierSlowCase):
1040         (JSC::::parseString):
1041         (JSC::::parseStringSlowCase):
1042         (JSC::::parseHex):
1043         (JSC::::parseOctal):
1044         (JSC::::parseDecimal):
1045         (JSC::::parseNumberAfterDecimalPoint):
1046         (JSC::::parseNumberAfterExponentIndicator):
1047         (JSC::::parseMultilineComment):
1048         (JSC::::nextTokenIsColon):
1049         (JSC::::lex):
1050         (JSC::::scanRegExp):
1051         (JSC::::skipRegExp):
1052         (JSC::::clear):
1053         (JSC::::sourceCode):
1054         * parser/Lexer.h:
1055         (JSC::Lexer::append16):
1056         (JSC::Lexer::currentOffset):
1057         (JSC::Lexer::setOffsetFromCharOffset):
1058         (JSC::::isWhiteSpace):
1059         (JSC::::isLineTerminator):
1060         (JSC::::convertHex):
1061         (JSC::::convertUnicode):
1062         (JSC::::makeIdentifier):
1063         (JSC::::setCodeStart):
1064         (JSC::::makeIdentifierLCharFromUChar):
1065         (JSC::::lexExpectIdentifier):
1066         * parser/Parser.cpp:
1067         (JSC::Parser::Parser):
1068         (JSC::Parser::parseProperty):
1069         (JSC::Parser::parseMemberExpression):
1070         * parser/Parser.h:
1071         (JSC::Parser::next):
1072         (JSC::Parser::nextExpectIdentifier):
1073         * parser/ParserArena.h:
1074         (JSC::IdentifierArena::makeIdentifier):
1075         (JSC::IdentifierArena::makeIdentifierLCharFromUChar):
1076         * parser/SourceCode.h:
1077         (JSC::SourceCode::subExpression):
1078         * parser/SourceProvider.h:
1079         (JSC::UStringSourceProvider::stringData):
1080         * parser/SourceProviderCache.h:
1081         * parser/SyntaxChecker.h:
1082         * runtime/FunctionPrototype.cpp:
1083         (JSC::insertSemicolonIfNeeded):
1084         * runtime/Identifier.cpp:
1085         (JSC::IdentifierTable::add):
1086         (JSC::IdentifierLCharFromUCharTranslator::hash):
1087         (JSC::IdentifierLCharFromUCharTranslator::equal):
1088         (JSC::IdentifierLCharFromUCharTranslator::translate):
1089         (JSC::Identifier::add8):
1090         * runtime/Identifier.h:
1091         (JSC::Identifier::Identifier):
1092         (JSC::Identifier::createLCharFromUChar):
1093         (JSC::Identifier::canUseSingleCharacterString):
1094         (JSC::IdentifierCharBufferTranslator::hash):
1095         (JSC::IdentifierCharBufferTranslator::equal):
1096         (JSC::IdentifierCharBufferTranslator::translate):
1097         (JSC::Identifier::add):
1098         (JSC::Identifier::equal):
1099         (JSC::IdentifierTable::add):
1100         * runtime/JSGlobalObjectFunctions.cpp:
1101         (JSC::decode):
1102         (JSC::parseIntOverflow):
1103         (JSC::globalFuncUnescape):
1104         * runtime/JSGlobalObjectFunctions.h:
1105         (JSC::parseIntOverflow):
1106         * runtime/LiteralParser.cpp:
1107         (JSC::LiteralParser::tryJSONPParse):
1108         (JSC::LiteralParser::Lexer::lexString):
1109         * wtf/text/StringImpl.h:
1110
1111 2011-11-07  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>
1112
1113         [Qt] Put the jsc binary in 'bin' instead of leaving it deep in the build tree
1114
1115         Allows us to not package up the whole Source/JavaScriptCore directory for the
1116         buildbots.
1117
1118         Reviewed by Simon Hausmann.
1119
1120         * jsc.pro:
1121
1122 2011-11-06  Filip Pizlo  <fpizlo@apple.com>
1123
1124         REGRESSION(r99374): GTK+ build of the jsc binary doesn't like the call
1125         to initializeMainThread, and crashes
1126         https://bugs.webkit.org/show_bug.cgi?id=71643
1127
1128         Reviewed by Sam Weinig.
1129
1130         * jsc.cpp:
1131         (main):
1132
1133 2011-11-06  Sam Weinig  <sam@webkit.org>
1134
1135         Add space missing from some class declarations
1136         https://bugs.webkit.org/show_bug.cgi?id=71632
1137
1138         Reviewed by Anders Carlsson.
1139
1140         * assembler/AssemblerBufferWithConstantPool.h:
1141         * bytecode/CodeBlock.h:
1142         * dfg/DFGVariableAccessData.h:
1143         * heap/VTableSpectrum.h:
1144         * jit/ExecutableAllocator.cpp:
1145         * jit/ExecutableAllocatorFixedVMPool.cpp:
1146         * wtf/MetaAllocatorHandle.h:
1147         * wtf/UnionFind.h:
1148
1149 2011-11-06  Sam Weinig  <sam@webkit.org>
1150
1151         Allow use of FINAL in JavaScriptCore
1152         https://bugs.webkit.org/show_bug.cgi?id=71630
1153
1154         Reviewed by Anders Carlsson.
1155
1156         * Configurations/Base.xcconfig:
1157         Don't warn about C++11 extensions used in C++98 mode.
1158
1159 2011-11-05  Filip Pizlo  <fpizlo@apple.com>
1160
1161         Value profiling should just use two buckets
1162         https://bugs.webkit.org/show_bug.cgi?id=71619
1163
1164         Reviewed by Gavin Barraclough.
1165         
1166         Added one more configuration option (like Heuristics::minimumOptimizationDelay),
1167         improved debugging in JIT optimization support, changed the number of buckets
1168         in the value profile from 9 to 2, and wrote a more optimal value profiling path
1169         in the old JIT to take advantage of this. It's still possible to play around with
1170         larger numbers of buckets, and we should probably keep this for a little while
1171         until we convince ourselves that using just two buckets is the right call.
1172
1173         * bytecode/CodeBlock.cpp:
1174         (JSC::CodeBlock::shouldOptimizeNow):
1175         * bytecode/ValueProfile.h:
1176         * jit/JITInlineMethods.h:
1177         (JSC::JIT::emitValueProfilingSite):
1178         * jit/JITStubs.cpp:
1179         (JSC::DEFINE_STUB_FUNCTION):
1180         * runtime/Heuristics.cpp:
1181         (JSC::Heuristics::initializeHeuristics):
1182         * runtime/Heuristics.h:
1183
1184 2011-11-03  Filip Pizlo  <fpizlo@apple.com>
1185
1186         JSC should be able to sample itself in a more flexible way than just sampling flags
1187         https://bugs.webkit.org/show_bug.cgi?id=71522
1188
1189         Reviewed by Gavin Barraclough.
1190         
1191         Added a construct that looks like SamplingRegion samplingRegion("name").
1192
1193         * JavaScriptCore.exp:
1194         * JavaScriptCore.xcodeproj/project.pbxproj:
1195         * bytecode/SamplingTool.cpp:
1196         (JSC::SamplingRegion::Locker::Locker):
1197         (JSC::SamplingRegion::Locker::~Locker):
1198         (JSC::SamplingRegion::sample):
1199         (JSC::SamplingRegion::dump):
1200         (JSC::SamplingRegion::dumpInternal):
1201         (JSC::SamplingThread::threadStartFunc):
1202         * bytecode/SamplingTool.h:
1203         (JSC::SamplingRegion::SamplingRegion):
1204         (JSC::SamplingRegion::~SamplingRegion):
1205         (JSC::SamplingRegion::exchangeCurrent):
1206         * bytecompiler/BytecodeGenerator.cpp:
1207         (JSC::BytecodeGenerator::generate):
1208         * dfg/DFGDriver.cpp:
1209         (JSC::DFG::compile):
1210         * heap/Heap.cpp:
1211         (JSC::Heap::markRoots):
1212         (JSC::Heap::collect):
1213         * heap/VTableSpectrum.cpp:
1214         (JSC::VTableSpectrum::countVPtr):
1215         (JSC::VTableSpectrum::dump):
1216         * heap/VTableSpectrum.h:
1217         * jsc.cpp:
1218         (main):
1219         (runWithScripts):
1220         * parser/Parser.h:
1221         (JSC::parse):
1222         * runtime/Executable.cpp:
1223         (JSC::EvalExecutable::compileInternal):
1224         (JSC::ProgramExecutable::compileInternal):
1225         (JSC::FunctionExecutable::compileForCallInternal):
1226         (JSC::FunctionExecutable::compileForConstructInternal):
1227         * wtf/Atomics.h:
1228         (WTF::weakCompareAndSwap):
1229         * wtf/Platform.h:
1230         * wtf/Spectrum.h: Added.
1231         (WTF::Spectrum::Spectrum):
1232         (WTF::Spectrum::add):
1233         (WTF::Spectrum::get):
1234         (WTF::Spectrum::begin):
1235         (WTF::Spectrum::end):
1236         (WTF::Spectrum::KeyAndCount::KeyAndCount):
1237         (WTF::Spectrum::KeyAndCount::operator<):
1238         (WTF::Spectrum::buildList):
1239         * wtf/wtf.pri:
1240
1241 2011-11-05  Sam Weinig  <sam@webkit.org>
1242
1243         Fix windows build.
1244
1245         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1246
1247 2011-11-04  Sam Weinig  <sam@webkit.org>
1248
1249         Reduce the number of putWithAttributes
1250         https://bugs.webkit.org/show_bug.cgi?id=71597
1251
1252         Reviewed by Adam Roben.
1253
1254         * JavaScriptCore.exp:
1255         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1256         Remove exports of removed functions.
1257
1258         * runtime/JSActivation.cpp:
1259         (JSC::JSActivation::putWithAttributes):
1260         Calling the overload without the extra parameters does the same thing.
1261
1262         * runtime/JSObject.cpp:
1263         (JSC::JSObject::putWithAttributes):
1264         * runtime/JSObject.h:
1265         Remove four unused JSObject::putWithAttributes overloads and make one of the remaining
1266         two overloads not virtual, since no one overrides it.
1267
1268 2011-11-04  Pratik Solanki  <psolanki@apple.com>
1269
1270         sqrtDouble and andnotDouble should be declared noreturn
1271         https://bugs.webkit.org/show_bug.cgi?id=71592
1272
1273         Reviewed by Sam Weinig.
1274
1275         * assembler/MacroAssemblerARMv7.h:
1276
1277 2011-11-04  Mark Hahnenberg  <mhahnenberg@apple.com>
1278
1279         De-virtualize JSObject::hasInstance
1280         https://bugs.webkit.org/show_bug.cgi?id=71430
1281
1282         Reviewed by Darin Adler.
1283
1284         Added hasInstance to the MethodTable, changed all the virtual 
1285         implementations of hasInstance to static ones, and replaced 
1286         all call sites with corresponding lookups in the MethodTable.
1287
1288         * API/JSCallbackObject.h:
1289         * API/JSCallbackObjectFunctions.h:
1290         (JSC::::hasInstance):
1291         * API/JSValueRef.cpp:
1292         (JSValueIsInstanceOfConstructor):
1293         * JavaScriptCore.exp:
1294         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1295         * interpreter/Interpreter.cpp:
1296         (JSC::Interpreter::privateExecute):
1297         * jit/JITStubs.cpp:
1298         (JSC::DEFINE_STUB_FUNCTION):
1299         * runtime/ClassInfo.h:
1300         * runtime/JSBoundFunction.cpp:
1301         (JSC::JSBoundFunction::hasInstance):
1302         * runtime/JSBoundFunction.h:
1303         * runtime/JSCell.cpp:
1304         (JSC::JSCell::hasInstance):
1305         * runtime/JSCell.h:
1306         * runtime/JSObject.cpp:
1307         (JSC::JSObject::hasInstance):
1308         * runtime/JSObject.h:
1309
1310 2011-11-04  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>
1311
1312         [Qt] Refactor and clean up the qmake build system
1313
1314         The qmake build system has accumulated a bit of cruft and redundancy
1315         over time. There's also a fairly tight coupling between how to build
1316         the various targets, and _what_ to build, making it harder to add new
1317         rules or sources. This patch aims to alleviate these issues somewhat.
1318
1319         This is a short-list of the changes:
1320
1321           * The rules for how to build targets are now mostly contained as
1322             prf-files in Tools/qmake/mkspecs/features. Using mkspecs also
1323             allows us to do pre- and post-processing of each project file,
1324             which helps to clean up the actual project files.
1325
1326           * Derived sources are no longer generated as a separate make-step
1327             but are part of each target's project file as a subdir. Makefile
1328             rules are used to ensure that we run make on the derived sources
1329             before running qmake on the actual target makefile. This makes
1330             it easier to keep a proper dependency between derived sources
1331             and the target.
1332
1333           * We use GNU make and the compiler to generate dependencies on
1334             UNIX-based systems running Qt 5. This allows us to lessen the
1335             need to run qmake, which should reduce compile time.
1336
1337           * WebKit2 is now built by default if building with Qt 5. It can
1338             be disabled by passing --no-webkit2 to build-webkit.
1339
1340         The result of these changes is hopefully a cleaner and easier
1341         build system to modify, and faster build times due to no longer
1342         running qmake on every single build. It's also a first step
1343         towards possibly generating the list of sources using another
1344         build system.
1345
1346         https://bugs.webkit.org/show_bug.cgi?id=71222
1347
1348         Reviewed by Simon Hausmann.
1349
1350         * DerivedSources.pri: Added.
1351         * DerivedSources.pro: Removed.
1352         * JavaScriptCore.pro:
1353         * Target.pri: Copied from Source/JavaScriptCore/JavaScriptCore.pro.
1354         * headers.pri: Removed.
1355         * jsc.pro:
1356         * wtf/wtf.pri:
1357         * yarr/yarr.pri:
1358
1359 2011-11-04  Yuqiang Xian  <yuqiang.xian@intel.com>
1360
1361         More code clean-up in DFG 32_64
1362         https://bugs.webkit.org/show_bug.cgi?id=71540
1363
1364         Remove unnecessary code duplications, and fix compilation warnings.
1365
1366         Reviewed by Gavin Barraclough.
1367
1368         * dfg/DFGJITCompiler.cpp:
1369         (JSC::DFG::JITCompiler::emitCount):
1370         (JSC::DFG::JITCompiler::setSamplingFlag):
1371         (JSC::DFG::JITCompiler::clearSamplingFlag):
1372         (JSC::DFG::JITCompiler::jitAssertIsCell):
1373         * dfg/DFGJITCompiler32_64.cpp:
1374         * dfg/DFGSpeculativeJIT32_64.cpp:
1375         (JSC::DFG::SpeculativeJIT::compile):
1376
1377 2011-11-04  Csaba Osztrogonác  <ossy@webkit.org>
1378
1379         De-virtualize JSObject::hasInstance
1380         https://bugs.webkit.org/show_bug.cgi?id=71430
1381
1382         Unreviewed rolling out r99238, because it made a test crash on all platforms.
1383
1384         * API/JSCallbackObject.h:
1385         * API/JSCallbackObjectFunctions.h:
1386         (JSC::::hasInstance):
1387         * API/JSValueRef.cpp:
1388         (JSValueIsInstanceOfConstructor):
1389         * JavaScriptCore.exp:
1390         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1391         * interpreter/Interpreter.cpp:
1392         (JSC::Interpreter::privateExecute):
1393         * jit/JITStubs.cpp:
1394         (JSC::DEFINE_STUB_FUNCTION):
1395         * runtime/ClassInfo.h:
1396         * runtime/JSBoundFunction.cpp:
1397         (JSC::JSBoundFunction::hasInstance):
1398         * runtime/JSBoundFunction.h:
1399         * runtime/JSCell.cpp:
1400         * runtime/JSCell.h:
1401         * runtime/JSObject.cpp:
1402         (JSC::JSObject::hasInstance):
1403         * runtime/JSObject.h:
1404
1405 2011-11-03  Mark Hahnenberg  <mhahnenberg@apple.com>
1406
1407         De-virtualize JSObject::getPropertyNames
1408         https://bugs.webkit.org/show_bug.cgi?id=71306
1409
1410         Reviewed by Darin Adler.
1411
1412         Added getPropertyNames to the MethodTable, changed all the virtual 
1413         implementations of getPropertyNames to static ones, and replaced 
1414         all call sites with corresponding lookups in the MethodTable.
1415
1416         * API/JSObjectRef.cpp:
1417         (JSObjectCopyPropertyNames):
1418         * JavaScriptCore.exp:
1419         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1420         * debugger/DebuggerActivation.cpp:
1421         (JSC::DebuggerActivation::getOwnPropertyNames):
1422         * runtime/ClassInfo.h:
1423         * runtime/JSCell.cpp:
1424         (JSC::JSCell::getPropertyNames):
1425         * runtime/JSCell.h:
1426         * runtime/JSObject.cpp:
1427         (JSC::JSObject::getPropertyNames):
1428         (JSC::JSObject::getOwnPropertyNames):
1429         * runtime/JSObject.h:
1430         * runtime/JSPropertyNameIterator.cpp:
1431         (JSC::JSPropertyNameIterator::create):
1432         * runtime/ScopeChain.cpp:
1433         (JSC::ScopeChainNode::print):
1434         * runtime/Structure.cpp:
1435         (JSC::Structure::getPropertyNamesFromStructure):
1436         * runtime/Structure.h:
1437
1438 2011-11-03  Darin Adler  <darin@apple.com>
1439
1440         Change remaining callers of releaseRef to call leakRef
1441         https://bugs.webkit.org/show_bug.cgi?id=71422
1442
1443         * wtf/text/AtomicString.cpp:
1444         (WTF::HashAndUTF8CharactersTranslator::translate): Use leakRef.
1445
1446 2011-11-02  Darin Adler  <darin@apple.com>
1447
1448         Change remaining callers of releaseRef to call leakRef
1449         https://bugs.webkit.org/show_bug.cgi?id=71422
1450
1451         * wtf/text/AtomicString.cpp:
1452         (WTF::HashAndUTF8CharactersTranslator::translate): Use leakRef.
1453
1454 2011-11-03  Mark Hahnenberg  <mhahnenberg@apple.com>
1455
1456         De-virtualize JSObject::hasInstance
1457         https://bugs.webkit.org/show_bug.cgi?id=71430
1458
1459         Reviewed by Darin Adler.
1460
1461         Added hasInstance to the MethodTable, changed all the virtual 
1462         implementations of hasInstance to static ones, and replaced 
1463         all call sites with corresponding lookups in the MethodTable.
1464
1465         * API/JSCallbackObject.h:
1466         * API/JSCallbackObjectFunctions.h:
1467         (JSC::::hasInstance):
1468         * API/JSValueRef.cpp:
1469         (JSValueIsInstanceOfConstructor):
1470         * JavaScriptCore.exp:
1471         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1472         * interpreter/Interpreter.cpp:
1473         (JSC::Interpreter::privateExecute):
1474         * jit/JITStubs.cpp:
1475         (JSC::DEFINE_STUB_FUNCTION):
1476         * runtime/ClassInfo.h:
1477         * runtime/JSBoundFunction.cpp:
1478         (JSC::JSBoundFunction::hasInstance):
1479         * runtime/JSBoundFunction.h:
1480         * runtime/JSCell.cpp:
1481         (JSC::JSCell::hasInstance):
1482         * runtime/JSCell.h:
1483         * runtime/JSObject.cpp:
1484         (JSC::JSObject::hasInstance):
1485         * runtime/JSObject.h:
1486
1487 2011-11-03  Filip Pizlo  <fpizlo@apple.com>
1488
1489         JIT-specific code should be able to refer to register types even on JIT-disabled builds
1490         https://bugs.webkit.org/show_bug.cgi?id=71498
1491
1492         Reviewed by Gavin Barraclough.
1493
1494         * assembler/MacroAssembler.h:
1495         (MacroAssembler::MacroAssembler):
1496
1497 2011-11-03  Mark Hahnenberg  <mhahnenberg@apple.com>
1498
1499         De-virtualize JSObject::className
1500         https://bugs.webkit.org/show_bug.cgi?id=71428
1501
1502         Reviewed by Sam Weinig.
1503
1504         Added className to the MethodTable, changed all the virtual 
1505         implementations of className to static ones, and replaced 
1506         all call sites with corresponding lookups in the MethodTable.
1507
1508         * API/JSCallbackObject.h:
1509         * API/JSCallbackObjectFunctions.h:
1510         (JSC::::className):
1511         * JavaScriptCore.exp:
1512         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1513         * debugger/DebuggerActivation.cpp:
1514         (JSC::DebuggerActivation::className):
1515         * debugger/DebuggerActivation.h:
1516         * jsc.cpp:
1517         (GlobalObject::createStructure):
1518         * profiler/Profiler.cpp:
1519         (JSC::Profiler::createCallIdentifier):
1520         * runtime/ClassInfo.h:
1521         * runtime/JSCell.cpp:
1522         (JSC::JSCell::className):
1523         * runtime/JSCell.h:
1524         * runtime/JSObject.cpp:
1525         (JSC::JSObject::className):
1526         * runtime/JSObject.h:
1527         * runtime/ObjectPrototype.cpp:
1528         (JSC::objectProtoFuncToString):
1529         * testRegExp.cpp:
1530         (GlobalObject::createStructure):
1531
1532 2011-11-02  Jer Noble  <jer.noble@apple.com>
1533
1534         Add Clock class and platform-specific implementations.
1535         https://bugs.webkit.org/show_bug.cgi?id=71341
1536
1537         Reviewed by Sam Weinig.
1538
1539         Add WTF_USE_COREAUDIO macro for use by PlatformClockCA.
1540
1541         * wtf/Platform.h:
1542
1543 2011-11-03  Pavel Feldman  <pfeldman@chromium.org>
1544
1545         Not reviewed: fixing win build. step2.
1546
1547         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1548
1549 2011-11-03  Pavel Feldman  <pfeldman@chromium.org>
1550
1551         Not reviewed: fix windows build, step1
1552
1553         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1554
1555 2011-11-03  Pavel Feldman  <pfeldman@google.com>
1556
1557         Web Inspector: preserve script location for inline handlers.
1558         https://bugs.webkit.org/show_bug.cgi?id=71367
1559
1560         Makes SourceCode factories receive TextPosition instead of the line number;
1561         stores consistent position values in SourceCode and SourceProvider.
1562
1563         Reviewed by Yury Semikhatsky.
1564
1565         * API/JSBase.cpp:
1566         (JSEvaluateScript):
1567         (JSCheckScriptSyntax):
1568         * API/JSObjectRef.cpp:
1569         (JSObjectMakeFunction):
1570         * parser/SourceCode.h:
1571         (JSC::makeSource):
1572         * parser/SourceProvider.h:
1573         (JSC::SourceProvider::SourceProvider):
1574         (JSC::SourceProvider::startPosition):
1575         (JSC::UStringSourceProvider::create):
1576         (JSC::UStringSourceProvider::UStringSourceProvider):
1577         * runtime/FunctionConstructor.cpp:
1578         (JSC::constructFunction):
1579         (JSC::constructFunctionSkippingEvalEnabledCheck):
1580         * runtime/FunctionConstructor.h:
1581
1582 2011-11-03  Kentaro Hara  <haraken@chromium.org>
1583
1584         Fixed wrong implementation of doubleValue % 2^{64}.
1585         https://bugs.webkit.org/show_bug.cgi?id=67980
1586
1587         Reviewed by Hajime Morita.
1588
1589         fast/events/constructors/progress-event-constructor.html was failing
1590         because of the wrong implementation of conversion from an ECMAScript value
1591         to an IDL unsigned long long value (Spec: http://www.w3.org/TR/WebIDL/#es-unsigned-long-long).
1592         In particular, the calculation of doubleValue % 2^{64} was wrong.
1593         This patch implemented it correctly in doubleToInteger() in wtf/MathExtras.h.
1594
1595         * wtf/MathExtras.h:
1596         (doubleToInteger): Implemented the spec correctly.
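
        The WebIDL conversion the entry above fixes, carried through as an added
        example (not WebKit's own doubleToInteger): truncate toward zero, then
        reduce modulo 2^64, holding the result in a 64-bit integer rather than a
        double so that values such as 2^64 - 1, which no double can represent, come
        out exact. The names toUnsignedInt, toUnsignedLongLong, toUnsignedLong and
        toOctet are this example's own, and the Bits parameter generalises the
        algorithm to the narrower IDL unsigned types, which goes beyond the entry's
        64-bit case.

```cpp
#include <cmath>
#include <cstdint>

namespace webidl_example {

// WebIDL unsigned integer conversion (ES value -> IDL unsigned long long and friends):
// NaN and +/-Infinity become 0; anything else is truncated toward zero and reduced
// modulo 2^Bits. The result is built in 64-bit unsigned arithmetic, so values such as
// 2^64 - 1, which no double can hold, come out exact.
template<unsigned Bits>
uint64_t toUnsignedInt(double d)
{
    static_assert(Bits >= 1 && Bits <= 64, "Bits must be 1..64");
    if (std::isnan(d) || std::isinf(d))
        return 0;

    const double modulus = std::ldexp(1.0, Bits);                               // 2^Bits, exact
    const uint64_t mask = Bits == 64 ? ~uint64_t(0) : (uint64_t(1) << (Bits % 64)) - 1;

    // fmod is exact and keeps the sign of its first argument, so -2^Bits < r < 2^Bits.
    double r = std::fmod(std::trunc(d), modulus);
    if (r >= 0)
        return static_cast<uint64_t>(r);        // in range: the cast is exact and well defined

    // Negative remainder. Casting r directly is undefined behaviour for r < 0, and
    // r + 2^Bits would round when Bits == 64. Take the magnitude exactly (0 < m < 2^Bits,
    // so it fits) and wrap in unsigned arithmetic: 2^Bits - m == (0 - m) & mask.
    uint64_t m = static_cast<uint64_t>(-r);
    return (uint64_t(0) - m) & mask;
}

inline uint64_t toUnsignedLongLong(double d) { return toUnsignedInt<64>(d); }
inline uint32_t toUnsignedLong(double d) { return static_cast<uint32_t>(toUnsignedInt<32>(d)); }
inline uint8_t toOctet(double d) { return static_cast<uint8_t>(toUnsignedInt<8>(d)); }

} // namespace webidl_example
```

        The point of the two-step handling of negative remainders is that a
        float-to-unsigned cast of a negative or out-of-range double is undefined
        behaviour in C++, not a wrap; a conversion routine that relies on the cast
        to do the modulo silently produces compiler-dependent values for the very
        inputs (negative, huge, NaN) that an attacker-controlled ECMAScript value
        can take.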
1597
1598 2011-11-03  Sheriff Bot  <webkit.review.bot@gmail.com>
1599
1600         Unreviewed, rolling out r99089.
1601         http://trac.webkit.org/changeset/99089
1602         https://bugs.webkit.org/show_bug.cgi?id=71448
1603
1604         @plt postfix for math functions causes a crash on Linux 32 (the
1605         symbol is defined but it points to NULL) (Requested by
1606         zherczeg on #webkit).
1607
1608         * dfg/DFGOperations.cpp:
1609         * jit/JITStubs.cpp:
1610         * jit/ThunkGenerators.cpp:
1611
1612 2011-11-02  Filip Pizlo  <fpizlo@apple.com>
1613
1614         DFG inlining breaks function.arguments[something] if the argument being
1615         retrieved was subjected to DFG's unboxing optimizations
1616         https://bugs.webkit.org/show_bug.cgi?id=71436
1617
1618         Reviewed by Oliver Hunt.
1619         
1620         This makes inlined arguments retrieval use some of the same machinery as
1621         OSR to determine where from, and how, to retrieve a value that the DFG
1622         might have somehow squirreled away while the old JIT would put it in its
1623         obvious location, using an obvious format.
1624         
1625         To that end, previously DFG-internal notions such as DataFormat,
1626         VirtualRegister, and ValueRecovery are now in bytecode/ since they are
1627         stored as part of InlineCallFrames.
1628
1629         * bytecode/CodeOrigin.h:
1630         * dfg/DFGAbstractState.cpp:
1631         (JSC::DFG::AbstractState::execute):
1632         * dfg/DFGByteCodeParser.cpp:
1633         (JSC::DFG::ByteCodeParser::handleInlining):
1634         (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
1635         * dfg/DFGJITCompiler.cpp:
1636         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
1637         * dfg/DFGJITCompiler32_64.cpp:
1638         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
1639         * dfg/DFGNode.h:
1640         * dfg/DFGPropagator.cpp:
1641         (JSC::DFG::Propagator::propagateNodePredictions):
1642         * dfg/DFGSpeculativeJIT.cpp:
1643         (JSC::DFG::SpeculativeJIT::compile):
1644         * dfg/DFGSpeculativeJIT64.cpp:
1645         (JSC::DFG::SpeculativeJIT::compile):
1646         * interpreter/CallFrame.cpp:
1647         (JSC::CallFrame::trueCallerFrame):
1648         * interpreter/CallFrame.h:
1649         (JSC::ExecState::inlineCallFrame):
1650         * interpreter/Register.h:
1651         (JSC::Register::asInlineCallFrame):
1652         (JSC::Register::unboxedInt32):
1653         (JSC::Register::unboxedBoolean):
1654         (JSC::Register::unboxedCell):
1655         * runtime/Arguments.h:
1656         (JSC::Arguments::finishCreationAndCopyRegisters):
1657
1658 2011-11-02  Filip Pizlo  <fpizlo@apple.com>
1659
1660         ValueRecovery should be moved out of the DFG JIT
1661         https://bugs.webkit.org/show_bug.cgi?id=71439
1662
1663         Reviewed by Oliver Hunt.
1664
1665         * JavaScriptCore.xcodeproj/project.pbxproj:
1666         * bytecode/DataFormat.h: Added.
1667         (JSC::dataFormatToString):
1668         (JSC::needDataFormatConversion):
1669         (JSC::isJSFormat):
1670         (JSC::isJSInteger):
1671         (JSC::isJSDouble):
1672         (JSC::isJSCell):
1673         (JSC::isJSBoolean):
1674         * bytecode/ValueRecovery.h: Added.
1675         (JSC::ValueRecovery::ValueRecovery):
1676         (JSC::ValueRecovery::alreadyInRegisterFile):
1677         (JSC::ValueRecovery::alreadyInRegisterFileAsUnboxedInt32):
1678         (JSC::ValueRecovery::alreadyInRegisterFileAsUnboxedCell):
1679         (JSC::ValueRecovery::alreadyInRegisterFileAsUnboxedBoolean):
1680         (JSC::ValueRecovery::inGPR):
1681         (JSC::ValueRecovery::inPair):
1682         (JSC::ValueRecovery::inFPR):
1683         (JSC::ValueRecovery::displacedInRegisterFile):
1684         (JSC::ValueRecovery::constant):
1685         (JSC::ValueRecovery::technique):
1686         (JSC::ValueRecovery::isInRegisters):
1687         (JSC::ValueRecovery::gpr):
1688         (JSC::ValueRecovery::tagGPR):
1689         (JSC::ValueRecovery::payloadGPR):
1690         (JSC::ValueRecovery::fpr):
1691         (JSC::ValueRecovery::virtualRegister):
1692         (JSC::ValueRecovery::dump):
1693         * bytecode/VirtualRegister.h: Added.
1694         * dfg/DFGGenerationInfo.h:
1695         (JSC::DFG::GenerationInfo::isJSFormat):
1696         * dfg/DFGSpeculativeJIT.cpp:
1697         (JSC::DFG::ValueSource::dump):
1698         * dfg/DFGSpeculativeJIT.h:
1699         * dfg/DFGVariableAccessData.h:
1700
1701 2011-11-02  Sam Weinig  <sam@webkit.org>
1702
1703         Object.getOwnPropertyDescriptor() does not retrieve the getter/setter from a property on the window that has been overridden with a getter/setter
1704         https://bugs.webkit.org/show_bug.cgi?id=71333
1705
1706         Reviewed by Gavin Barraclough.
1707
1708         Tested by fast/dom/getter-on-window-object2.html
1709
1710         * runtime/PropertyDescriptor.cpp:
1711         (JSC::PropertyDescriptor::setDescriptor):
1712         The attributes returned from Structure::get do not include Getter or Setter, so
1713         instead check if the value is a GetterSetter like we do elsewhere. If it is, update
1714         the descriptor's attributes accordingly.
1715
1716 2011-11-02  Yuqiang Xian  <yuqiang.xian@intel.com>
1717
1718         FunctionPtr should accept FASTCALL functions on X86
1719         https://bugs.webkit.org/show_bug.cgi?id=71434
1720
1721         Reviewed by Filip Pizlo.
1722
1723         On X86 we sometimes use FASTCALL convention functions, for example the
1724         cti functions, and we may need the pointers to such functions, e.g.,
1725         in the current DFG register file check and arity check, though long term
1726         we may avoid such usage of cti calls in DFG.
1727
1728         * assembler/MacroAssemblerCodeRef.h:
1729         (JSC::FunctionPtr::FunctionPtr):
1730
1731 2011-11-02  Filip Pizlo  <fpizlo@apple.com>
1732
1733         Inlined uses of the global object should use the right global object
1734         https://bugs.webkit.org/show_bug.cgi?id=71427
1735
1736         Reviewed by Oliver Hunt.
1737
1738         * dfg/DFGJITCompiler.h:
1739         (JSC::DFG::JITCompiler::globalObjectFor):
1740         * dfg/DFGSpeculativeJIT64.cpp:
1741         (JSC::DFG::SpeculativeJIT::compile):
1742
1743 2011-11-02  Yuqiang Xian  <yuqiang.xian@intel.com>
1744
1745         Remove some unnecessary loads/stores in DFG JIT 32_64
1746         https://bugs.webkit.org/show_bug.cgi?id=71090
1747
1748         Reviewed by Filip Pizlo.
1749
1750         In fillSpeculateCell and OSR exit, some unnecessary loads/stores can
1751         be eliminated.
1752
1753         * dfg/DFGJITCompiler32_64.cpp:
1754         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
1755         * dfg/DFGSpeculativeJIT32_64.cpp:
1756         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
1757
1758 2011-11-02  Adam Klein  <adamk@chromium.org>
1759
1760         Replace usage of StringImpl with String where possible in CharacterData and Text
1761         https://bugs.webkit.org/show_bug.cgi?id=71383
1762
1763         Reviewed by Darin Adler.
1764
1765         * wtf/text/WTFString.h:
1766         (WTF::String::containsOnlyWhitespace): Added new method.
1767
1768 2011-11-02  Mark Hahnenberg  <mhahnenberg@apple.com>
1769
1770         De-virtualize JSObject::getOwnPropertyNames
1771         https://bugs.webkit.org/show_bug.cgi?id=71307
1772
1773         Reviewed by Darin Adler.
1774
1775         Added getOwnPropertyNames to the MethodTable, changed all the virtual 
1776         implementations of getOwnPropertyNames to static ones, and replaced 
1777         all call sites with corresponding lookups in the MethodTable.
1778
1779         * API/JSCallbackObject.h:
1780         * API/JSCallbackObjectFunctions.h:
1781         (JSC::::getOwnPropertyNames):
1782         * JavaScriptCore.exp:
1783         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1784         * debugger/DebuggerActivation.cpp:
1785         (JSC::DebuggerActivation::getOwnPropertyNames):
1786         * debugger/DebuggerActivation.h:
1787         * runtime/Arguments.cpp:
1788         (JSC::Arguments::getOwnPropertyNames):
1789         * runtime/Arguments.h:
1790         * runtime/ClassInfo.h:
1791         * runtime/JSActivation.cpp:
1792         (JSC::JSActivation::getOwnPropertyNames):
1793         * runtime/JSActivation.h:
1794         * runtime/JSArray.cpp:
1795         (JSC::JSArray::getOwnPropertyNames):
1796         * runtime/JSArray.h:
1797         * runtime/JSByteArray.cpp:
1798         (JSC::JSByteArray::getOwnPropertyNames):
1799         * runtime/JSByteArray.h:
1800         * runtime/JSCell.cpp:
1801         (JSC::JSCell::getOwnPropertyNames):
1802         * runtime/JSCell.h:
1803         * runtime/JSFunction.cpp:
1804         (JSC::JSFunction::getOwnPropertyNames):
1805         * runtime/JSFunction.h:
1806         * runtime/JSNotAnObject.cpp:
1807         (JSC::JSNotAnObject::getOwnPropertyNames):
1808         * runtime/JSNotAnObject.h:
1809         * runtime/JSONObject.cpp:
1810         (JSC::Stringifier::Holder::appendNextProperty):
1811         (JSC::Walker::walk):
1812         * runtime/JSObject.cpp:
1813         (JSC::JSObject::getPropertyNames):
1814         (JSC::JSObject::getOwnPropertyNames):
1815         * runtime/JSObject.h:
1816         * runtime/JSVariableObject.cpp:
1817         (JSC::JSVariableObject::~JSVariableObject):
1818         (JSC::JSVariableObject::getOwnPropertyNames):
1819         * runtime/JSVariableObject.h:
1820         * runtime/ObjectConstructor.cpp:
1821         (JSC::objectConstructorGetOwnPropertyNames):
1822         (JSC::objectConstructorKeys):
1823         (JSC::defineProperties):
1824         * runtime/RegExpMatchesArray.h:
1825         (JSC::RegExpMatchesArray::getOwnPropertyNames):
1826         * runtime/StringObject.cpp:
1827         (JSC::StringObject::getOwnPropertyNames):
1828         * runtime/StringObject.h:
1829         * runtime/Structure.h:
1830
1831 2011-11-02  Dean Jackson  <dino@apple.com>
1832
1833         Add ENABLE_CSS_SHADERS flag
1834         https://bugs.webkit.org/show_bug.cgi?id=71394
1835
1836         Reviewed by Sam Weinig.
1837
1838         * Configurations/FeatureDefines.xcconfig:
1839
1840 2011-11-02  Alexey Shabalin  <a.shabalin@gmail.com>
1841
1842         TEXTREL in libjavascriptcoregtk-1.0.so.0.11.0 on x86 (or i586)
1843         https://bugs.webkit.org/show_bug.cgi?id=70610
1844
1845         Reviewed by Martin Robinson.
1846
1847         Properly annotate ASM on BSD and Linux x86 systems.
1848
1849         * dfg/DFGOperations.cpp: Add annotation for X86.
1850         * jit/JITStubs.cpp: Ditto.
1851         * jit/ThunkGenerators.cpp: Ditto.
1852
1853 2011-11-02  Xianzhu Wang  <wangxianzhu@chromium.org>
1854
1855         Missing Force8BitConstructor in 8-bit version of StringImpl::reallocate()
1856         https://bugs.webkit.org/show_bug.cgi?id=71347
1857
1858         Reviewed by Geoffrey Garen.
1859
1860         * wtf/text/StringImpl.cpp:
1861         (WTF::StringImpl::reallocate):
1862
1863 2011-11-01  Darin Adler  <darin@apple.com>
1864
1865         Cut down on malloc/free a bit in the parser arena
1866         https://bugs.webkit.org/show_bug.cgi?id=71343
1867
1868         Reviewed by Oliver Hunt.
1869
1870         * parser/ParserArena.cpp:
1871         (JSC::ParserArena::deallocateObjects): Call the destructors of
1872         the deletable objects before freeing the pools. Don't call
1873         fastFree on the deletable objects any more.
1874
1875         * parser/ParserArena.h:
1876         (JSC::ParserArena::allocateDeletable): Use allocateFreeable
1877         instead of fastMalloc here.
1878
1879 2011-11-01  Sam Weinig  <sam@webkit.org>
1880
1881         Implement __lookupGetter__/__lookupSetter__ in terms of getPropertyDescriptor
1882         https://bugs.webkit.org/show_bug.cgi?id=71336
1883
1884         Reviewed by Darin Adler.
1885
1886         * debugger/DebuggerActivation.cpp:
1887         * debugger/DebuggerActivation.h:
1888         Remove overrides of lookupGetter/lookupSetter, which are no longer needed
1889         due to implementing getPropertyDescriptor.
1890
1891         * runtime/JSObject.cpp:
1892         (JSC::JSObject::lookupGetter):
1893         (JSC::JSObject::lookupSetter):
1894         * runtime/JSObject.h:
1895         De-virtualize lookupGetter/lookupSetter, and implement them in terms of
1896         getPropertyDescriptor.
1897
1898 2011-11-01  Mark Hahnenberg  <mhahnenberg@apple.com>
1899
1900         De-virtualize JSObject::defineSetter
1901         https://bugs.webkit.org/show_bug.cgi?id=71303
1902
1903         Reviewed by Darin Adler.
1904
1905         Added defineSetter to the MethodTable, changed all the virtual 
1906         implementations of defineSetter to static ones, and replaced 
1907         all call sites with corresponding lookups in the MethodTable.
1908
1909         * JavaScriptCore.exp:
1910         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1911         * debugger/DebuggerActivation.cpp:
1912         (JSC::DebuggerActivation::defineSetter):
1913         * debugger/DebuggerActivation.h:
1914         * interpreter/Interpreter.cpp:
1915         (JSC::Interpreter::privateExecute):
1916         * jit/JITStubs.cpp:
1917         (JSC::DEFINE_STUB_FUNCTION):
1918         * runtime/ClassInfo.h:
1919         * runtime/JSCell.cpp:
1920         (JSC::JSCell::defineSetter):
1921         * runtime/JSCell.h:
1922         * runtime/JSGlobalObject.cpp:
1923         (JSC::JSGlobalObject::defineSetter):
1924         * runtime/JSGlobalObject.h:
1925         * runtime/JSObject.cpp:
1926         (JSC::JSObject::defineSetter):
1927         (JSC::putDescriptor):
1928         * runtime/JSObject.h:
1929         * runtime/ObjectPrototype.cpp:
1930         (JSC::objectProtoFuncDefineSetter):
1931
1932 2011-11-01  Filip Pizlo  <fpizlo@apple.com>
1933
1934         DFG inlining breaks function.arguments
1935         https://bugs.webkit.org/show_bug.cgi?id=71329
1936
1937         Reviewed by Oliver Hunt.
1938         
1939         The DFG was forgetting to store code origin mappings for inlined
1940         call sites. Some of the fast-path optimizations for
1941         CallFrame::trueCallerFrame() were wrong. An assertion in Arguments
1942         was wrong.
1943         
1944         I also took the opportunity to decrease code duplication between
1945         DFG64 and DFG32_64, because I didn't feel like writing the same
1946         code twice.
1947
1948         * bytecode/CodeBlock.h:
1949         (JSC::ExecState::isInlineCallFrame):
1950         * dfg/DFGJITCompiler.cpp:
1951         (JSC::DFG::JITCompiler::compileEntry):
1952         (JSC::DFG::JITCompiler::compileBody):
1953         (JSC::DFG::JITCompiler::link):
1954         (JSC::DFG::JITCompiler::compile):
1955         (JSC::DFG::JITCompiler::compileFunction):
1956         * dfg/DFGJITCompiler32_64.cpp:
1957         * dfg/DFGNode.h:
1958         * interpreter/CallFrame.cpp:
1959         (JSC::CallFrame::trueCallerFrame):
1960         * interpreter/CallFrame.h:
1961         * runtime/Arguments.h:
1962         (JSC::Arguments::getArgumentsData):
1963
1964 2011-11-01  Xianzhu Wang  <wangxianzhu@chromium.org>
1965
1966         StringImpl::reallocate() should have a 8-bit version
1967         https://bugs.webkit.org/show_bug.cgi?id=71210
1968
1969         Reviewed by Geoffrey Garen.
1970
1971         * wtf/text/StringImpl.cpp:
1972         (WTF::StringImpl::reallocate):
1973         * wtf/text/StringImpl.h:
1974
1975 2011-10-31  Filip Pizlo  <fpizlo@apple.com>
1976
1977         The GC should be parallel
1978         https://bugs.webkit.org/show_bug.cgi?id=70995
1979
1980         Reviewed by Geoff Garen.
1981         
1982         Added parallel tracing to the GC. This works by having local mark
1983         stacks per thread, and a global shared one. Threads sometimes
1984         donate cells from the mark stack to the global one if the heuristics
1985         tell them that it's affordable to do so. Threads that have depleted
1986         their local mark stacks try to steal some from the shared one.
1987
1988         Marking is now done using an atomic weak relaxed CAS (compare-and-swap).
1989         
1990         This is a 23% speed-up on V8-splay when I use 4 marking threads,
1991         leading to a 3.5% speed-up on V8.
1992         
1993         It also appears that this reduces GC pause times on real websites by
1994         more than half.
1995
1996         * JavaScriptCore.exp:
1997         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1998         * heap/Heap.cpp:
1999         (JSC::Heap::Heap):
2000         (JSC::Heap::~Heap):
2001         (JSC::Heap::markRoots):
2002         * heap/Heap.h:
2003         * heap/MarkStack.cpp:
2004         (JSC::MarkStackSegmentAllocator::MarkStackSegmentAllocator):
2005         (JSC::MarkStackSegmentAllocator::~MarkStackSegmentAllocator):
2006         (JSC::MarkStackSegmentAllocator::allocate):
2007         (JSC::MarkStackSegmentAllocator::release):
2008         (JSC::MarkStackSegmentAllocator::shrinkReserve):
2009         (JSC::MarkStackArray::MarkStackArray):
2010         (JSC::MarkStackArray::~MarkStackArray):
2011         (JSC::MarkStackArray::expand):
2012         (JSC::MarkStackArray::refill):
2013         (JSC::MarkStackArray::donateSomeCellsTo):
2014         (JSC::MarkStackArray::stealSomeCellsFrom):
2015         (JSC::MarkStackThreadSharedData::markingThreadMain):
2016         (JSC::MarkStackThreadSharedData::markingThreadStartFunc):
2017         (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
2018         (JSC::MarkStackThreadSharedData::~MarkStackThreadSharedData):
2019         (JSC::MarkStackThreadSharedData::reset):
2020         (JSC::MarkStack::reset):
2021         (JSC::SlotVisitor::donateSlow):
2022         (JSC::SlotVisitor::drain):
2023         (JSC::SlotVisitor::drainFromShared):
2024         (JSC::MarkStack::mergeOpaqueRoots):
2025         (JSC::SlotVisitor::harvestWeakReferences):
2026         * heap/MarkStack.h:
2027         (JSC::MarkStackSegment::data):
2028         (JSC::MarkStackSegment::capacityFromSize):
2029         (JSC::MarkStackSegment::sizeFromCapacity):
2030         (JSC::MarkStackArray::postIncTop):
2031         (JSC::MarkStackArray::preDecTop):
2032         (JSC::MarkStackArray::setTopForFullSegment):
2033         (JSC::MarkStackArray::setTopForEmptySegment):
2034         (JSC::MarkStackArray::top):
2035         (JSC::MarkStackArray::validatePrevious):
2036         (JSC::MarkStack::addWeakReferenceHarvester):
2037         (JSC::MarkStack::mergeOpaqueRootsIfNecessary):
2038         (JSC::MarkStack::mergeOpaqueRootsIfProfitable):
2039         (JSC::MarkStack::MarkStack):
2040         (JSC::MarkStack::addOpaqueRoot):
2041         (JSC::MarkStack::containsOpaqueRoot):
2042         (JSC::MarkStack::opaqueRootCount):
2043         (JSC::MarkStackArray::append):
2044         (JSC::MarkStackArray::canRemoveLast):
2045         (JSC::MarkStackArray::removeLast):
2046         (JSC::MarkStackArray::isEmpty):
2047         (JSC::MarkStackArray::canDonateSomeCells):
2048         (JSC::MarkStackArray::size):
2049         (JSC::ParallelModeEnabler::ParallelModeEnabler):
2050         (JSC::ParallelModeEnabler::~ParallelModeEnabler):
2051         * heap/MarkedBlock.h:
2052         (JSC::MarkedBlock::testAndSetMarked):
2053         * heap/SlotVisitor.h:
2054         (JSC::SlotVisitor::donate):
2055         (JSC::SlotVisitor::donateAndDrain):
2056         (JSC::SlotVisitor::donateKnownParallel):
2057         (JSC::SlotVisitor::SlotVisitor):
2058         * heap/WeakReferenceHarvester.h:
2059         * runtime/Heuristics.cpp:
2060         (JSC::Heuristics::initializeHeuristics):
2061         * runtime/Heuristics.h:
2062         * wtf/Atomics.h:
2063         (WTF::weakCompareAndSwap):
2064         * wtf/Bitmap.h:
2065         (WTF::::Bitmap):
2066         (WTF::::get):
2067         (WTF::::set):
2068         (WTF::::testAndSet):
2069         (WTF::::testAndClear):
2070         (WTF::::concurrentTestAndSet):
2071         (WTF::::concurrentTestAndClear):
2072         (WTF::::clear):
2073         (WTF::::clearAll):
2074         (WTF::::nextPossiblyUnset):
2075         (WTF::::findRunOfZeros):
2076         (WTF::::count):
2077         (WTF::::isEmpty):
2078         (WTF::::isFull):
2079         * wtf/MainThread.h:
2080         (WTF::isMainThreadOrGCThread):
2081         * wtf/Platform.h:
2082         * wtf/ThreadSpecific.h:
2083         (WTF::::isSet):
2084         * wtf/mac/MainThreadMac.mm:
2085         (WTF::initializeGCThreads):
2086         (WTF::initializeMainThreadPlatform):
2087         (WTF::initializeMainThreadToProcessMainThreadPlatform):
2088         (WTF::registerGCThread):
2089         (WTF::isMainThreadOrGCThread):
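
        The scheme described above, as an added illustration rather than WebKit's
        MarkStack or SlotVisitor code: a mark bitmap claimed with a weak, relaxed
        compare-and-swap, a private mark stack per marking thread, donation of a
        batch to the shared stack when that stack runs low, and stealing from it
        when a thread runs dry. The heap is a constructed object graph, and the
        names MarkBitmap, Shared, kBatch, parallelMark, sequentialMark and
        sampleHeap, together with the batch-size heuristic, are this example's own.

```cpp
#include <algorithm>
#include <atomic>
#include <condition_variable>
#include <cstdint>
#include <mutex>
#include <thread>
#include <vector>

namespace parallel_mark {

using Graph = std::vector<std::vector<size_t>>;   // cell index -> cells it references

// One mark bit per cell. A thread claims a cell with a weak, relaxed CAS: whoever
// flips the bit owns the job of visiting the cell; a thread that loses the race
// sees "already marked" and does nothing, so no cell is traced twice.
class MarkBitmap {
public:
    explicit MarkBitmap(size_t cells) : m_words((cells + 63) / 64) {}
    bool concurrentTestAndSet(size_t cell)            // true if it was already marked
    {
        std::atomic<uint64_t>& word = m_words[cell / 64];
        const uint64_t mask = uint64_t(1) << (cell % 64);
        uint64_t old = word.load(std::memory_order_relaxed);
        while (!(old & mask)) {
            // Weak CAS may fail spuriously; on failure `old` is reloaded and we retry.
            if (word.compare_exchange_weak(old, old | mask, std::memory_order_relaxed))
                return false;
        }
        return true;
    }
    bool isMarked(size_t cell) const { return (m_words[cell / 64].load() >> (cell % 64)) & 1; }
private:
    std::vector<std::atomic<uint64_t>> m_words;
};

struct Shared {                        // the global mark stack plus termination state
    std::mutex mutex;
    std::condition_variable wake;
    std::vector<size_t> stack;
    unsigned idle = 0, threads = 0;
};

const size_t kBatch = 32;              // donate/steal granularity (an assumed heuristic)

void markingThread(const Graph& g, MarkBitmap& bits, Shared& sh)
{
    std::vector<size_t> local;         // this thread's private mark stack
    for (;;) {
        if (local.empty()) {
            // Drained: go idle and wait either for work or for everyone to be idle.
            std::unique_lock<std::mutex> lock(sh.mutex);
            ++sh.idle;
            sh.wake.notify_all();
            sh.wake.wait(lock, [&] { return !sh.stack.empty() || sh.idle == sh.threads; });
            if (sh.stack.empty())
                return;                // all threads idle and nothing left: marking is complete
            --sh.idle;
            size_t n = std::min(kBatch, sh.stack.size());            // steal a batch
            local.assign(sh.stack.end() - n, sh.stack.end());
            sh.stack.resize(sh.stack.size() - n);
        } else if (local.size() >= 2 * kBatch) {
            // Donation heuristic: hand over a batch only when the shared stack is low.
            std::lock_guard<std::mutex> lock(sh.mutex);
            if (sh.stack.size() < kBatch) {
                sh.stack.insert(sh.stack.end(), local.end() - kBatch, local.end());
                local.resize(local.size() - kBatch);
                sh.wake.notify_all();
            }
        }
        size_t cell = local.back();
        local.pop_back();
        for (size_t child : g[cell])
            if (!bits.concurrentTestAndSet(child))
                local.push_back(child);
    }
}

std::vector<bool> parallelMark(const Graph& g, const std::vector<size_t>& roots, unsigned threads)
{
    MarkBitmap bits(g.size());
    Shared sh;
    sh.threads = threads ? threads : 1;
    for (size_t r : roots)
        if (!bits.concurrentTestAndSet(r))
            sh.stack.push_back(r);
    std::vector<std::thread> pool;
    for (unsigned i = 0; i < sh.threads; ++i)
        pool.emplace_back([&] { markingThread(g, bits, sh); });
    for (std::thread& t : pool)
        t.join();
    std::vector<bool> marked(g.size());
    for (size_t i = 0; i < g.size(); ++i)
        marked[i] = bits.isMarked(i);
    return marked;
}

// Single-threaded reference traversal to check the parallel result against.
std::vector<bool> sequentialMark(const Graph& g, const std::vector<size_t>& roots)
{
    std::vector<bool> marked(g.size());
    std::vector<size_t> stack;
    for (size_t r : roots)
        if (!marked[r]) { marked[r] = true; stack.push_back(r); }
    while (!stack.empty()) {
        size_t cell = stack.back();
        stack.pop_back();
        for (size_t child : g[cell])
            if (!marked[child]) { marked[child] = true; stack.push_back(child); }
    }
    return marked;
}

// Constructed sample heap: the first half is a tangled graph, the second half garbage.
Graph sampleHeap(size_t cells)
{
    Graph g(cells);
    for (size_t i = 0; i < cells / 2; ++i) {
        g[i].push_back((i * 7 + 3) % (cells / 2));
        g[i].push_back((i + 1) % (cells / 2));
    }
    return g;
}

} // namespace parallel_mark
```

        Termination is the part that is easy to get wrong: a thread may only
        conclude that marking is finished when the shared stack is empty and every
        thread has declared itself idle, which is why idle is counted under the
        same mutex that guards the stack and why a donor wakes the waiters. The
        relaxed CAS is enough for the mark bit itself because the bit only ever
        goes from clear to set and the thread join at the end publishes the final
        state.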
2090
2091 2011-10-31  Mark Hahnenberg  <mhahnenberg@apple.com>
2092
2093         De-virtualize JSObject::defaultValue
2094         https://bugs.webkit.org/show_bug.cgi?id=71146
2095
2096         Reviewed by Sam Weinig.
2097
2098         Added defaultValue to the MethodTable.  Replaced all virtual versions of 
2099         defaultValue with static versions.  Replaced all call sites with lookups in the 
2100         MethodTable.
2101
2102         * JavaScriptCore.exp:
2103         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2104         * runtime/ClassInfo.h:
2105         * runtime/ExceptionHelpers.cpp:
2106         (JSC::InterruptedExecutionError::defaultValue):
2107         (JSC::TerminatedExecutionError::defaultValue):
2108         * runtime/ExceptionHelpers.h:
2109         * runtime/JSCell.cpp:
2110         (JSC::JSCell::defaultValue):
2111         * runtime/JSCell.h:
2112         * runtime/JSNotAnObject.cpp:
2113         (JSC::JSNotAnObject::defaultValue):
2114         * runtime/JSNotAnObject.h:
2115         * runtime/JSObject.cpp:
2116         (JSC::JSObject::getPrimitiveNumber):
2117         (JSC::JSObject::defaultValue):
2118         * runtime/JSObject.h:
2119         (JSC::JSObject::toPrimitive):
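
        The five "De-virtualize" entries on this page (hasInstance, className,
        getOwnPropertyNames, defineSetter and defaultValue) all apply one pattern.
        The added example below, which is not JavaScriptCore's ClassInfo code, shows
        it with two of those operations: a MethodTable of function pointers inside
        each class's ClassInfo, static implementations that take the cell as an
        explicit first argument, and call sites that dispatch through
        cell->methodTable() instead of a virtual call. The class shapes, the
        EXAMPLE_METHOD_TABLE macro and the demo names are simplified assumptions;
        the bound function delegating instanceof to its target is modelled on the
        hasInstance entry, not copied from it.

```cpp
#include <cstring>

namespace method_table_example {

class JSCell;

// One table per class, reachable from the cell's ClassInfo. Each slot is a plain
// function pointer to a static implementation that receives the cell explicitly,
// so there is no vtable and a subclass "overrides" by filling in its own table.
struct MethodTable {
    const char* (*className)(const JSCell*);
    bool (*hasInstance)(const JSCell* constructor, const JSCell* value);
};

struct ClassInfo {
    const char* name;
    const ClassInfo* parent;
    MethodTable methodTable;
};

// Simplified stand-in for the real macro: every class lists its own statics.
#define EXAMPLE_METHOD_TABLE(ClassName) { &ClassName::className, &ClassName::hasInstance }

class JSCell {
public:
    explicit JSCell(const ClassInfo* info) : m_classInfo(info) {}
    const ClassInfo* classInfo() const { return m_classInfo; }
    const MethodTable* methodTable() const { return &m_classInfo->methodTable; }

    static const char* className(const JSCell*) { return "Cell"; }
    static bool hasInstance(const JSCell*, const JSCell*) { return false; }   // non-objects never match
    static const ClassInfo s_info;
private:
    const ClassInfo* m_classInfo;
};
const ClassInfo JSCell::s_info = { "Cell", nullptr, EXAMPLE_METHOD_TABLE(JSCell) };

class JSObject : public JSCell {
public:
    JSObject(const ClassInfo* info, JSObject* prototype, JSObject* prototypeProperty = nullptr)
        : JSCell(info), m_prototype(prototype), m_prototypeProperty(prototypeProperty) {}
    JSObject* prototype() const { return m_prototype; }
    JSObject* prototypeProperty() const { return m_prototypeProperty; }   // the ".prototype" slot

    static const char* className(const JSCell*) { return "Object"; }
    // Ordinary [[HasInstance]]: walk the value's prototype chain looking for
    // constructor.prototype.
    static bool hasInstance(const JSCell* constructor, const JSCell* value)
    {
        const JSObject* target = static_cast<const JSObject*>(constructor)->prototypeProperty();
        for (const JSObject* p = static_cast<const JSObject*>(value)->prototype(); p; p = p->prototype())
            if (p == target)
                return true;
        return false;
    }
    static const ClassInfo s_info;
private:
    JSObject* m_prototype;
    JSObject* m_prototypeProperty;
};
const ClassInfo JSObject::s_info = { "Object", &JSCell::s_info, EXAMPLE_METHOD_TABLE(JSObject) };

class JSBoundFunction : public JSObject {
public:
    JSBoundFunction(JSObject* targetFunction, JSObject* prototype)
        : JSObject(&s_info, prototype), m_targetFunction(targetFunction) {}

    static const char* className(const JSCell*) { return "Function"; }
    // `x instanceof bound` asks the bound function's target, dispatching through
    // the target's own table rather than assuming its concrete class.
    static bool hasInstance(const JSCell* constructor, const JSCell* value)
    {
        const JSObject* target = static_cast<const JSBoundFunction*>(constructor)->m_targetFunction;
        return target->methodTable()->hasInstance(target, value);
    }
    static const ClassInfo s_info;
private:
    JSObject* m_targetFunction;
};
const ClassInfo JSBoundFunction::s_info = { "Function", &JSObject::s_info, EXAMPLE_METHOD_TABLE(JSBoundFunction) };

// Call sites: an indirect call through the table instead of a virtual call.
inline bool jsInstanceOf(const JSCell* value, const JSCell* constructor)
{
    return constructor->methodTable()->hasInstance(constructor, value);
}
inline const char* jsClassName(const JSCell* cell) { return cell->methodTable()->className(cell); }

// `obj instanceof Bound`, where Bound = Ctor.bind(...) and obj was made by Ctor.
inline bool demoBoundInstanceOf()
{
    JSObject objectPrototype(&JSObject::s_info, nullptr);
    JSObject ctorPrototype(&JSObject::s_info, &objectPrototype);
    JSObject ctor(&JSObject::s_info, &objectPrototype, &ctorPrototype);
    JSObject obj(&JSObject::s_info, &ctorPrototype);
    JSBoundFunction bound(&ctor, &objectPrototype);
    return jsInstanceOf(&obj, &bound) && !jsInstanceOf(&objectPrototype, &bound)
        && std::strcmp(jsClassName(&bound), "Function") == 0;
}

} // namespace method_table_example
```

        Because dispatch goes through a table the engine owns rather than a
        compiler-emitted vtable pointer at offset zero of every object, the set of
        functions reachable from a given cell is exactly what its ClassInfo lists,
        and a static implementation that forgets to forward (as JSBoundFunction's
        hasInstance does for its target) fails to compile rather than silently
        falling back to a base-class virtual.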
2120
2121 2011-10-31  Mark Hahnenberg  <mhahnenberg@apple.com>
2122
2123         Interpreter build fix
2124
2125         Unreviewed build fix
2126
2127         * interpreter/Interpreter.cpp:
2128         (JSC::Interpreter::privateExecute):
2129         * runtime/Executable.cpp:
2130         (JSC::FunctionExecutable::compileForCallInternal):
2131         (JSC::FunctionExecutable::compileForConstructInternal):
2132
2133 2011-10-31  Filip Pizlo  <fpizlo@apple.com>
2134
2135         DFG OSR exits should add to value profiles
2136         https://bugs.webkit.org/show_bug.cgi?id=71202
2137
2138         Reviewed by Oliver Hunt.
2139         
2140         Value profiles now have an extra special slot not used by the old JIT's
2141         profiling, which is reserved for OSR exits.
2142         
2143         The DFG's OSR exit code now knows which register, node index, and value
2144         profiling site was responsible for the (possibly flawed) information that
2145         led to the OSR failure. This is somewhat opportunistic and imperfect;
2146         if there's a lot of control flow between the value profiling site and the
2147         OSR failure point, then this mechanism simply gives up. It also gives up
2148         if the OSR failure is caused by either known deficiencies in the DFG
2149         (like that we always assume that the index in a strict charCodeAt access
2150         is within bounds) or where the OSR failure would be catalogued and
2151         profiled through other means (like slow case counters).
2152         
2153         This patch also adds the notion of a JSValueRegs, which is either a
2154         single register in JSVALUE64 or a pair in JSVALUE32_64. We should
2155         probably move the 32_64 DFG towards using this, since it often makes it
2156         easier to share code between 64 and 32_64.
2157         
2158         Also fixed a number of pathologies that this uncovered. op_method_check 
2159         didn't have a value profiling site on the slow path. GetById should not
2160         always force OSR exit if it never executed in the old JIT; we may be
2161         able to infer its type if it's an array or string length get. Finally,
2162         these changes benefit from a slight tweak to optimization delay
2163         heuristics (profile fullness is now 0.35 instead of 0.25).
2164         
2165         3.8% speed-up on Kraken, mostly due to ~35% on both stanford-crypto-aes
2166         and imaging-darkroom.
2167
2168         * bytecode/ValueProfile.cpp:
2169         (JSC::ValueProfile::computeStatistics):
2170         (JSC::ValueProfile::computeUpdatedPrediction):
2171         * bytecode/ValueProfile.h:
2172         (JSC::ValueProfile::ValueProfile):
2173         (JSC::ValueProfile::specFailBucket):
2174         (JSC::ValueProfile::numberOfSamples):
2175         (JSC::ValueProfile::isLive):
2176         (JSC::ValueProfile::numberOfInt32s):
2177         (JSC::ValueProfile::numberOfDoubles):
2178         (JSC::ValueProfile::numberOfCells):
2179         (JSC::ValueProfile::numberOfObjects):
2180         (JSC::ValueProfile::numberOfFinalObjects):
2181         (JSC::ValueProfile::numberOfStrings):
2182         (JSC::ValueProfile::numberOfArrays):
2183         (JSC::ValueProfile::numberOfBooleans):
2184         (JSC::ValueProfile::dump):
2185         * dfg/DFGAbstractState.cpp:
2186         (JSC::DFG::AbstractState::execute):
2187         * dfg/DFGByteCodeParser.cpp:
2188         (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
2189         (JSC::DFG::ByteCodeParser::getPrediction):
2190         (JSC::DFG::ByteCodeParser::parseBlock):
2191         * dfg/DFGGPRInfo.h:
2192         (JSC::DFG::JSValueRegs::JSValueRegs):
2193         (JSC::DFG::JSValueRegs::operator!):
2194         (JSC::DFG::JSValueRegs::gpr):
2195         (JSC::DFG::JSValueSource::JSValueSource):
2196         (JSC::DFG::JSValueSource::unboxedCell):
2197         (JSC::DFG::JSValueSource::operator!):
2198         (JSC::DFG::JSValueSource::isAddress):
2199         (JSC::DFG::JSValueSource::offset):
2200         (JSC::DFG::JSValueSource::base):
2201         (JSC::DFG::JSValueSource::gpr):
2202         (JSC::DFG::JSValueSource::asAddress):
2203         (JSC::DFG::JSValueSource::notAddress):
2204         (JSC::DFG::JSValueRegs::tagGPR):
2205         (JSC::DFG::JSValueRegs::payloadGPR):
2206         (JSC::DFG::JSValueSource::tagGPR):
2207         (JSC::DFG::JSValueSource::payloadGPR):
2208         (JSC::DFG::JSValueSource::hasKnownTag):
2209         (JSC::DFG::JSValueSource::tag):
2210         * dfg/DFGGenerationInfo.h:
2211         (JSC::DFG::GenerationInfo::jsValueRegs):
2212         * dfg/DFGGraph.h:
2213         (JSC::DFG::Graph::valueProfileFor):
2214         * dfg/DFGJITCodeGenerator.h:
2215         (JSC::JSValueOperand::jsValueRegs):
2216         * dfg/DFGJITCompiler.cpp:
2217         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
2218         * dfg/DFGJITCompiler.h:
2219         (JSC::DFG::JITCompiler::valueProfileFor):
2220         * dfg/DFGJITCompiler32_64.cpp:
2221         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
2222         * dfg/DFGPropagator.cpp:
2223         (JSC::DFG::Propagator::propagateNodePredictions):
2224         * dfg/DFGSpeculativeJIT.cpp:
2225         (JSC::DFG::OSRExit::OSRExit):
2226         (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
2227         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
2228         (JSC::DFG::SpeculativeJIT::compileGetCharCodeAt):
2229         (JSC::DFG::SpeculativeJIT::compileGetByValOnString):
2230         (JSC::DFG::SpeculativeJIT::compilePutByValForByteArray):
2231         (JSC::DFG::SpeculativeJIT::compileGetByValOnByteArray):
2232         * dfg/DFGSpeculativeJIT.h:
2233         (JSC::DFG::SpeculativeJIT::speculationCheck):
2234         (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
2235         * dfg/DFGSpeculativeJIT32_64.cpp:
2236         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
2237         (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
2238         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
2239         (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
2240         (JSC::DFG::SpeculativeJIT::compileObjectEquality):
2241         (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
2242         (JSC::DFG::SpeculativeJIT::compileLogicalNot):
2243         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
2244         (JSC::DFG::SpeculativeJIT::compile):
2245         * dfg/DFGSpeculativeJIT64.cpp:
2246         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
2247         (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
2248         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
2249         (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
2250         (JSC::DFG::SpeculativeJIT::compileObjectEquality):
2251         (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
2252         (JSC::DFG::SpeculativeJIT::compileLogicalNot):
2253         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
2254         (JSC::DFG::SpeculativeJIT::emitBranch):
2255         (JSC::DFG::SpeculativeJIT::compile):
2256         * jit/JITPropertyAccess.cpp:
2257         (JSC::JIT::emitSlow_op_method_check):
2258         * jit/JITPropertyAccess32_64.cpp:
2259         (JSC::JIT::emitSlow_op_method_check):
2260         * runtime/Heuristics.cpp:
2261         (JSC::Heuristics::initializeHeuristics):
2262         * runtime/JSValue.h:
2263
2264 2011-10-31  Sam Weinig  <sam@webkit.org>
2265
2266         Remove need for virtual JSObject::unwrappedObject
2267         https://bugs.webkit.org/show_bug.cgi?id=71034
2268
2269         Reviewed by Geoffrey Garen.
2270
2271         * JavaScriptCore.exp:
2272         Update exports.
2273
2274         * CMakeLists.txt:
2275         * GNUmakefile.list.am:
2276         * JavaScriptCore.exp:
2277         * JavaScriptCore.gypi:
2278         * JavaScriptCore.pro:
2279         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2280         * JavaScriptCore.xcodeproj/project.pbxproj:
2281         Add JSGlobalThis.cpp.
2282
2283         * runtime/JSGlobalThis.cpp: Added.
2284         (JSC::JSGlobalThis::visitChildren):
2285         (JSC::JSGlobalThis::unwrappedObject):
2286         * runtime/JSGlobalThis.h:
2287         (JSC::JSGlobalThis::createStructure):
2288         Move underlying object from JSDOMWindowShell down to JSGlobalThis
2289         and corresponding visitChildren method.
2290
2291         * runtime/JSObject.cpp:
2292         (JSC::JSObject::unwrappedObject):
2293         Change unwrappedObject from virtual, to just needing an if check.
2294
2295         * runtime/JSObject.h:
2296         (JSC::JSObject::isGlobalThis):
2297         * runtime/JSType.h:
2298         Add isGlobalThis predicate and type.
2299
2300 2011-10-31  Xianzhu Wang  <wangxianzhu@chromium.org>
2301
2302         WTF::StringImpl::create(const char*, unsigned) calls itself
2303         https://bugs.webkit.org/show_bug.cgi?id=71206
2304
2305         The original implementation just calls itself, causing infinite recursion.
2306         Cast the first parameter to const LChar* to fix that.
2307
2308         Reviewed by Ryosuke Niwa.
2309
2310         * wtf/text/StringImpl.h:
2311         (WTF::StringImpl::create):
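
The entry above describes an overload that recursed into itself. The following is an added example, not WTF's StringImpl code: `StringImpl` is reduced to a struct around `std::string`, `LChar` is declared locally as `unsigned char`, and a `buggy` namespace reproduces the pre-fix shape under a depth guard (the guard, the counters and the helper functions are this example's own) so the misresolution can be observed rather than crashing the process.

```cpp
#include <string>

typedef unsigned char LChar;  // WTF's 8-bit (Latin-1) character type, declared here for the example

struct StringImpl {
    std::string bytes;  // stand-in for the owned 8-bit buffer
    unsigned length() const { return static_cast<unsigned>(bytes.size()); }

    // The worker: builds the string from 8-bit characters.
    static StringImpl create(const LChar* characters, unsigned length)
    {
        StringImpl impl;
        impl.bytes.assign(reinterpret_cast<const char*>(characters), length);
        return impl;
    }

    // Convenience overload for `const char*` callers, in its post-fix form:
    // the cast makes the inner call resolve to the LChar* worker above
    // instead of to this very overload.
    static StringImpl create(const char* characters, unsigned length)
    {
        return create(reinterpret_cast<const LChar*>(characters), length);
    }
};

// The pre-fix shape, reproduced under its own namespace and instrumented:
// `create(characters, length)` with an unchanged `const char*` argument is an
// exact match for the `const char*` overload, so overload resolution picks
// that overload (itself) and never reaches the LChar* worker. The depth guard
// exists only so this example terminates; the original had none, and the
// result was unbounded recursion until the stack was exhausted.
namespace buggy {
    const int kGuard = 64;       // example-only recursion limit
    int g_calls = 0;             // how many times the const char* overload ran
    bool g_workerReached = false;

    StringImpl create(const LChar* characters, unsigned length)
    {
        g_workerReached = true;
        return StringImpl::create(characters, length);
    }

    StringImpl create(const char* characters, unsigned length)
    {
        if (++g_calls >= kGuard)
            return StringImpl();
        return create(characters, length);  // resolves to this same overload
    }
}

// Runs the buggy overload once and returns how many self-calls it made before
// the guard fired (equals kGuard, i.e. it never terminated on its own).
int buggyRecursionCalls()
{
    buggy::g_calls = 0;
    buggy::g_workerReached = false;
    buggy::create("hello", 5);
    return buggy::g_calls;
}

// True only if the buggy overload ever handed off to the LChar* worker.
bool buggyReachedWorker()
{
    return buggy::g_workerReached;
}

// The fixed overload: returns the bytes the worker actually stored.
std::string fixedCreateBytes(const char* characters, unsigned length)
{
    return StringImpl::create(characters, length).bytes;
}
```

The practical lesson is that an overload set mixing `const char*` and `const unsigned char*` parameters silently prefers the exact-match overload, and a forwarding body that omits the cast compiles without warning; a unit test that calls the `const char*` entry point with a short literal catches the stack exhaustion before it ships as a crash reachable from every caller.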
2312
2313 2011-10-31  Andy Wingo  <wingo@igalia.com>
2314
2315         Fix DFG JIT compilation on Linux targets.
2316         https://bugs.webkit.org/show_bug.cgi?id=70904
2317
2318         Reviewed by Darin Adler.
2319
2320         * jit/JITStubs.cpp (SYMBOL_STRING_RELOCATION): Simplify this
2321         macro.
2322
2323         * dfg/DFGOperations.cpp (SYMBOL_STRING_RELOCATION): Copy the
2324         simplified definition from jit/JITStubs.cpp.
2325         (FUNCTION_WRAPPER_WITH_RETURN_ADDRESS, getHostCallReturnValue):
2326         Use the macro to access trampoline targets through the PLT on PIC
2327         systems, instead of introducing a text relocation.  Otherwise, the
2328         library fails to link.
2329
2330 2011-10-31  Mark Hahnenberg  <mhahnenberg@apple.com>
2331
2332         De-virtualize JSObject::defineGetter
2333         https://bugs.webkit.org/show_bug.cgi?id=71134
2334
2335         Reviewed by Darin Adler.
2336
2337         Added defineGetter to the MethodTable.  Replaced all virtual versions of defineGetter
2338         with static versions.  Replaced all call sites with lookups in the MethodTable.
2339
2340         * JavaScriptCore.exp:
2341         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2342         * debugger/DebuggerActivation.cpp:
2343         (JSC::DebuggerActivation::defineGetter):
2344         * debugger/DebuggerActivation.h:
2345         * interpreter/Interpreter.cpp:
2346         (JSC::Interpreter::privateExecute):
2347         * jit/JITStubs.cpp:
2348         (JSC::DEFINE_STUB_FUNCTION):
2349         * runtime/ClassInfo.h:
2350         * runtime/JSCell.cpp:
2351         (JSC::JSCell::defineGetter):
2352         * runtime/JSCell.h:
2353         * runtime/JSGlobalObject.cpp:
2354         (JSC::JSGlobalObject::defineGetter):
2355         * runtime/JSGlobalObject.h:
2356         * runtime/JSObject.cpp:
2357         (JSC::JSObject::defineGetter):
2358         (JSC::putDescriptor):
2359         * runtime/JSObject.h:
2360         * runtime/ObjectPrototype.cpp:
2361         (JSC::objectProtoFuncDefineGetter):
2362
2363 2011-10-31  Michael Saboff  <msaboff@apple.com>
2364
2365         Towards 8-bit Strings: Move Lexer and Parser Objects out of JSGlobalData
2366         https://bugs.webkit.org/show_bug.cgi?id=71138
2367
2368         Restructure and movement of Lexer and Parser code.
2369         Moved Lexer and Parser objects out of JSGlobalData.
2370         Added a new ParserTokens class and instance to JSGlobalData that
2371         have JavaScript token related definitions.
2372         Replaced JSGlobalData arguments to Node classes with lineNumber,
2373         as that was the only use of the JSGlobalData.
2374         Combined JSParser and Parser classes into one class,
2375         eliminating JSParser.h and .cpp.
2376         Various supporting #include changes.
2377
2378         These mostly mechanical changes are done in preparation for
2379         making the Lexer and Parser template classes.
2380
2381         Reviewed by Darin Adler.
2382
2383         * CMakeLists.txt:
2384         * GNUmakefile.list.am:
2385         * JavaScriptCore.gypi:
2386         * JavaScriptCore.pro:
2387         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2388         * JavaScriptCore.xcodeproj/project.pbxproj:
2389         * bytecompiler/NodesCodegen.cpp:
2390         (JSC::ArrayNode::toArgumentList):
2391         (JSC::ApplyFunctionCallDotNode::emitBytecode):
2392         * parser/ASTBuilder.h:
2393         (JSC::ASTBuilder::ASTBuilder):
2394         (JSC::ASTBuilder::createSourceElements):
2395         (JSC::ASTBuilder::createCommaExpr):
2396         (JSC::ASTBuilder::createLogicalNot):
2397         (JSC::ASTBuilder::createUnaryPlus):
2398         (JSC::ASTBuilder::createVoid):
2399         (JSC::ASTBuilder::thisExpr):
2400         (JSC::ASTBuilder::createResolve):
2401         (JSC::ASTBuilder::createObjectLiteral):
2402         (JSC::ASTBuilder::createArray):
2403         (JSC::ASTBuilder::createNumberExpr):
2404         (JSC::ASTBuilder::createString):
2405         (JSC::ASTBuilder::createBoolean):
2406         (JSC::ASTBuilder::createNull):
2407         (JSC::ASTBuilder::createBracketAccess):
2408         (JSC::ASTBuilder::createDotAccess):
2409         (JSC::ASTBuilder::createRegExp):
2410         (JSC::ASTBuilder::createNewExpr):
2411         (JSC::ASTBuilder::createConditionalExpr):
2412         (JSC::ASTBuilder::createAssignResolve):
2413         (JSC::ASTBuilder::createFunctionExpr):
2414         (JSC::ASTBuilder::createFunctionBody):
2415         (JSC::ASTBuilder::createGetterOrSetterProperty):
2416         (JSC::ASTBuilder::createArguments):
2417         (JSC::ASTBuilder::createArgumentsList):
2418         (JSC::ASTBuilder::createPropertyList):
2419         (JSC::ASTBuilder::createElementList):
2420         (JSC::ASTBuilder::createFormalParameterList):
2421         (JSC::ASTBuilder::createClause):
2422         (JSC::ASTBuilder::createClauseList):
2423         (JSC::ASTBuilder::createFuncDeclStatement):
2424         (JSC::ASTBuilder::createBlockStatement):
2425         (JSC::ASTBuilder::createExprStatement):
2426         (JSC::ASTBuilder::createIfStatement):
2427         (JSC::ASTBuilder::createForLoop):
2428         (JSC::ASTBuilder::createForInLoop):
2429         (JSC::ASTBuilder::createEmptyStatement):
2430         (JSC::ASTBuilder::createVarStatement):
2431         (JSC::ASTBuilder::createReturnStatement):
2432         (JSC::ASTBuilder::createBreakStatement):
2433         (JSC::ASTBuilder::createContinueStatement):
2434         (JSC::ASTBuilder::createTryStatement):
2435         (JSC::ASTBuilder::createSwitchStatement):
2436         (JSC::ASTBuilder::createWhileStatement):
2437         (JSC::ASTBuilder::createDoWhileStatement):
2438         (JSC::ASTBuilder::createLabelStatement):
2439         (JSC::ASTBuilder::createWithStatement):
2440         (JSC::ASTBuilder::createThrowStatement):
2441         (JSC::ASTBuilder::createDebugger):
2442         (JSC::ASTBuilder::createConstStatement):
2443         (JSC::ASTBuilder::appendConstDecl):
2444         (JSC::ASTBuilder::combineCommaNodes):
2445         (JSC::ASTBuilder::appendBinaryOperation):
2446         (JSC::ASTBuilder::createAssignment):
2447         (JSC::ASTBuilder::createNumber):
2448         (JSC::ASTBuilder::makeTypeOfNode):
2449         (JSC::ASTBuilder::makeDeleteNode):
2450         (JSC::ASTBuilder::makeNegateNode):
2451         (JSC::ASTBuilder::makeBitwiseNotNode):
2452         (JSC::ASTBuilder::makeMultNode):
2453         (JSC::ASTBuilder::makeDivNode):
2454         (JSC::ASTBuilder::makeModNode):
2455         (JSC::ASTBuilder::makeAddNode):
2456         (JSC::ASTBuilder::makeSubNode):
2457         (JSC::ASTBuilder::makeLeftShiftNode):
2458         (JSC::ASTBuilder::makeRightShiftNode):
2459         (JSC::ASTBuilder::makeURightShiftNode):
2460         (JSC::ASTBuilder::makeBitOrNode):
2461         (JSC::ASTBuilder::makeBitAndNode):
2462         (JSC::ASTBuilder::makeBitXOrNode):
2463         (JSC::ASTBuilder::makeFunctionCallNode):
2464         (JSC::ASTBuilder::makeBinaryNode):
2465         (JSC::ASTBuilder::makeAssignNode):
2466         (JSC::ASTBuilder::makePrefixNode):
2467         (JSC::ASTBuilder::makePostfixNode):
2468         * parser/JSParser.cpp: Removed.
2469         * parser/JSParser.h: Removed.
2470         * parser/Lexer.cpp:
2471         (JSC::Keywords::Keywords):
2472         (JSC::Lexer::Lexer):
2473         (JSC::Lexer::~Lexer):
2474         (JSC::Lexer::setCode):
2475         (JSC::Lexer::parseIdentifier):
2476         * parser/Lexer.h:
2477         (JSC::Keywords::isKeyword):
2478         (JSC::Keywords::getKeyword):
2479         (JSC::Keywords::~Keywords):
2480         (JSC::Lexer::setIsReparsing):
2481         (JSC::Lexer::isReparsing):
2482         (JSC::Lexer::lineNumber):
2483         (JSC::Lexer::setLastLineNumber):
2484         (JSC::Lexer::lastLineNumber):
2485         (JSC::Lexer::prevTerminator):
2486         (JSC::Lexer::sawError):
2487         (JSC::Lexer::getErrorMessage):
2488         (JSC::Lexer::currentOffset):
2489         (JSC::Lexer::setOffset):
2490         (JSC::Lexer::setLineNumber):
2491         (JSC::Lexer::sourceProvider):
2492         (JSC::Lexer::isWhiteSpace):
2493         (JSC::Lexer::isLineTerminator):
2494         (JSC::Lexer::convertHex):
2495         (JSC::Lexer::convertUnicode):
2496         (JSC::Lexer::makeIdentifier):
2497         (JSC::Lexer::lexExpectIdentifier):
2498         * parser/NodeConstructors.h:
2499         (JSC::ParserArenaFreeable::operator new):
2500         (JSC::ParserArenaDeletable::operator new):
2501         (JSC::ParserArenaRefCounted::ParserArenaRefCounted):
2502         (JSC::Node::Node):
2503         (JSC::ExpressionNode::ExpressionNode):
2504         (JSC::StatementNode::StatementNode):
2505         (JSC::NullNode::NullNode):
2506         (JSC::BooleanNode::BooleanNode):
2507         (JSC::NumberNode::NumberNode):
2508         (JSC::StringNode::StringNode):
2509         (JSC::RegExpNode::RegExpNode):
2510         (JSC::ThisNode::ThisNode):
2511         (JSC::ResolveNode::ResolveNode):
2512         (JSC::ElementNode::ElementNode):
2513         (JSC::ArrayNode::ArrayNode):
2514         (JSC::PropertyNode::PropertyNode):
2515         (JSC::PropertyListNode::PropertyListNode):
2516         (JSC::ObjectLiteralNode::ObjectLiteralNode):
2517         (JSC::BracketAccessorNode::BracketAccessorNode):
2518         (JSC::DotAccessorNode::DotAccessorNode):
2519         (JSC::ArgumentListNode::ArgumentListNode):
2520         (JSC::ArgumentsNode::ArgumentsNode):
2521         (JSC::NewExprNode::NewExprNode):
2522         (JSC::EvalFunctionCallNode::EvalFunctionCallNode):
2523         (JSC::FunctionCallValueNode::FunctionCallValueNode):
2524         (JSC::FunctionCallResolveNode::FunctionCallResolveNode):
2525         (JSC::FunctionCallBracketNode::FunctionCallBracketNode):
2526         (JSC::FunctionCallDotNode::FunctionCallDotNode):
2527         (JSC::CallFunctionCallDotNode::CallFunctionCallDotNode):
2528         (JSC::ApplyFunctionCallDotNode::ApplyFunctionCallDotNode):
2529         (JSC::PrePostResolveNode::PrePostResolveNode):
2530         (JSC::PostfixResolveNode::PostfixResolveNode):
2531         (JSC::PostfixBracketNode::PostfixBracketNode):
2532         (JSC::PostfixDotNode::PostfixDotNode):
2533         (JSC::PostfixErrorNode::PostfixErrorNode):
2534         (JSC::DeleteResolveNode::DeleteResolveNode):
2535         (JSC::DeleteBracketNode::DeleteBracketNode):
2536         (JSC::DeleteDotNode::DeleteDotNode):
2537         (JSC::DeleteValueNode::DeleteValueNode):
2538         (JSC::VoidNode::VoidNode):
2539         (JSC::TypeOfResolveNode::TypeOfResolveNode):
2540         (JSC::TypeOfValueNode::TypeOfValueNode):
2541         (JSC::PrefixResolveNode::PrefixResolveNode):
2542         (JSC::PrefixBracketNode::PrefixBracketNode):
2543         (JSC::PrefixDotNode::PrefixDotNode):
2544         (JSC::PrefixErrorNode::PrefixErrorNode):
2545         (JSC::UnaryOpNode::UnaryOpNode):
2546         (JSC::UnaryPlusNode::UnaryPlusNode):
2547         (JSC::NegateNode::NegateNode):
2548         (JSC::BitwiseNotNode::BitwiseNotNode):
2549         (JSC::LogicalNotNode::LogicalNotNode):
2550         (JSC::BinaryOpNode::BinaryOpNode):
2551         (JSC::MultNode::MultNode):
2552         (JSC::DivNode::DivNode):
2553         (JSC::ModNode::ModNode):
2554         (JSC::AddNode::AddNode):
2555         (JSC::SubNode::SubNode):
2556         (JSC::LeftShiftNode::LeftShiftNode):
2557         (JSC::RightShiftNode::RightShiftNode):
2558         (JSC::UnsignedRightShiftNode::UnsignedRightShiftNode):
2559         (JSC::LessNode::LessNode):
2560         (JSC::GreaterNode::GreaterNode):
2561         (JSC::LessEqNode::LessEqNode):
2562         (JSC::GreaterEqNode::GreaterEqNode):
2563         (JSC::ThrowableBinaryOpNode::ThrowableBinaryOpNode):
2564         (JSC::InstanceOfNode::InstanceOfNode):
2565         (JSC::InNode::InNode):
2566         (JSC::EqualNode::EqualNode):
2567         (JSC::NotEqualNode::NotEqualNode):
2568         (JSC::StrictEqualNode::StrictEqualNode):
2569         (JSC::NotStrictEqualNode::NotStrictEqualNode):
2570         (JSC::BitAndNode::BitAndNode):
2571         (JSC::BitOrNode::BitOrNode):
2572         (JSC::BitXOrNode::BitXOrNode):
2573         (JSC::LogicalOpNode::LogicalOpNode):
2574         (JSC::ConditionalNode::ConditionalNode):
2575         (JSC::ReadModifyResolveNode::ReadModifyResolveNode):
2576         (JSC::AssignResolveNode::AssignResolveNode):
2577         (JSC::ReadModifyBracketNode::ReadModifyBracketNode):
2578         (JSC::AssignBracketNode::AssignBracketNode):
2579         (JSC::AssignDotNode::AssignDotNode):
2580         (JSC::ReadModifyDotNode::ReadModifyDotNode):
2581         (JSC::AssignErrorNode::AssignErrorNode):
2582         (JSC::CommaNode::CommaNode):
2583         (JSC::ConstStatementNode::ConstStatementNode):
2584         (JSC::SourceElements::SourceElements):
2585         (JSC::EmptyStatementNode::EmptyStatementNode):
2586         (JSC::DebuggerStatementNode::DebuggerStatementNode):
2587         (JSC::ExprStatementNode::ExprStatementNode):
2588         (JSC::VarStatementNode::VarStatementNode):
2589         (JSC::IfNode::IfNode):
2590         (JSC::IfElseNode::IfElseNode):
2591         (JSC::DoWhileNode::DoWhileNode):
2592         (JSC::WhileNode::WhileNode):
2593         (JSC::ForNode::ForNode):
2594         (JSC::ContinueNode::ContinueNode):
2595         (JSC::BreakNode::BreakNode):
2596         (JSC::ReturnNode::ReturnNode):
2597         (JSC::WithNode::WithNode):
2598         (JSC::LabelNode::LabelNode):
2599         (JSC::ThrowNode::ThrowNode):
2600         (JSC::TryNode::TryNode):
2601         (JSC::ParameterNode::ParameterNode):
2602         (JSC::FuncExprNode::FuncExprNode):
2603         (JSC::FuncDeclNode::FuncDeclNode):
2604         (JSC::CaseClauseNode::CaseClauseNode):
2605         (JSC::ClauseListNode::ClauseListNode):
2606         (JSC::CaseBlockNode::CaseBlockNode):
2607         (JSC::SwitchNode::SwitchNode):
2608         (JSC::ConstDeclNode::ConstDeclNode):
2609         (JSC::BlockNode::BlockNode):
2610         (JSC::ForInNode::ForInNode):
2611         * parser/NodeInfo.h:
2612         * parser/Nodes.cpp:
2613         (JSC::StatementNode::setLoc):
2614         (JSC::ScopeNode::ScopeNode):
2615         (JSC::ProgramNode::ProgramNode):
2616         (JSC::ProgramNode::create):
2617         (JSC::EvalNode::EvalNode):
2618         (JSC::EvalNode::create):
2619         (JSC::FunctionBodyNode::FunctionBodyNode):
2620         (JSC::FunctionBodyNode::create):
2621         * parser/Nodes.h:
2622         (JSC::Node::lineNo):
2623         * parser/Parser.cpp:
2624         (JSC::Parser::Parser):
2625         (JSC::Parser::~Parser):
2626         (JSC::Parser::parseInner):
2627         (JSC::Parser::allowAutomaticSemicolon):
2628         (JSC::Parser::parseSourceElements):
2629         (JSC::Parser::parseVarDeclaration):
2630         (JSC::Parser::parseConstDeclaration):
2631         (JSC::Parser::parseDoWhileStatement):
2632         (JSC::Parser::parseWhileStatement):
2633         (JSC::Parser::parseVarDeclarationList):
2634         (JSC::Parser::parseConstDeclarationList):
2635         (JSC::Parser::parseForStatement):
2636         (JSC::Parser::parseBreakStatement):
2637         (JSC::Parser::parseContinueStatement):
2638         (JSC::Parser::parseReturnStatement):
2639         (JSC::Parser::parseThrowStatement):
2640         (JSC::Parser::parseWithStatement):
2641         (JSC::Parser::parseSwitchStatement):
2642         (JSC::Parser::parseSwitchClauses):
2643         (JSC::Parser::parseSwitchDefaultClause):
2644         (JSC::Parser::parseTryStatement):
2645         (JSC::Parser::parseDebuggerStatement):
2646         (JSC::Parser::parseBlockStatement):
2647         (JSC::Parser::parseStatement):
2648         (JSC::Parser::parseFormalParameters):
2649         (JSC::Parser::parseFunctionBody):
2650         (JSC::Parser::parseFunctionInfo):
2651         (JSC::Parser::parseFunctionDeclaration):
2652         (JSC::LabelInfo::LabelInfo):
2653         (JSC::Parser::parseExpressionOrLabelStatement):
2654         (JSC::Parser::parseExpressionStatement):
2655         (JSC::Parser::parseIfStatement):
2656         (JSC::Parser::parseExpression):
2657         (JSC::Parser::parseAssignmentExpression):
2658         (JSC::Parser::parseConditionalExpression):
2659         (JSC::isUnaryOp):
2660         (JSC::Parser::isBinaryOperator):
2661         (JSC::Parser::parseBinaryExpression):
2662         (JSC::Parser::parseProperty):
2663         (JSC::Parser::parseObjectLiteral):
2664         (JSC::Parser::parseStrictObjectLiteral):
2665         (JSC::Parser::parseArrayLiteral):
2666         (JSC::Parser::parsePrimaryExpression):
2667         (JSC::Parser::parseArguments):
2668         (JSC::Parser::parseMemberExpression):
2669         (JSC::Parser::parseUnaryExpression):
2670         * parser/Parser.h:
2671         (JSC::isEvalNode):
2672         (JSC::EvalNode):
2673         (JSC::DepthManager::DepthManager):
2674         (JSC::DepthManager::~DepthManager):
2675         (JSC::ScopeLabelInfo::ScopeLabelInfo):
2676         (JSC::Scope::Scope):
2677         (JSC::Scope::startSwitch):
2678         (JSC::Scope::endSwitch):
2679         (JSC::Scope::startLoop):
2680         (JSC::Scope::endLoop):
2681         (JSC::Scope::inLoop):
2682         (JSC::Scope::breakIsValid):
2683         (JSC::Scope::continueIsValid):
2684         (JSC::Scope::pushLabel):
2685         (JSC::Scope::popLabel):
2686         (JSC::Scope::getLabel):
2687         (JSC::Scope::setIsFunction):
2688         (JSC::Scope::isFunction):
2689         (JSC::Scope::isFunctionBoundary):
2690         (JSC::Scope::declareVariable):
2691         (JSC::Scope::declareWrite):
2692         (JSC::Scope::preventNewDecls):
2693         (JSC::Scope::allowsNewDecls):
2694         (JSC::Scope::declareParameter):
2695         (JSC::Scope::useVariable):
2696         (JSC::Scope::setNeedsFullActivation):
2697         (JSC::Scope::collectFreeVariables):
2698         (JSC::Scope::getUncapturedWrittenVariables):
2699         (JSC::Scope::getCapturedVariables):
2700         (JSC::Scope::setStrictMode):
2701         (JSC::Scope::strictMode):
2702         (JSC::Scope::isValidStrictMode):
2703         (JSC::Scope::shadowsArguments):
2704         (JSC::Scope::copyCapturedVariablesToVector):
2705         (JSC::Scope::saveFunctionInfo):
2706         (JSC::Scope::restoreFunctionInfo):
2707         (JSC::ScopeRef::ScopeRef):
2708         (JSC::ScopeRef::operator->):
2709         (JSC::ScopeRef::index):
2710         (JSC::ScopeRef::hasContainingScope):
2711         (JSC::ScopeRef::containingScope):
2712         (JSC::Parser::AllowInOverride::AllowInOverride):
2713         (JSC::Parser::AllowInOverride::~AllowInOverride):
2714         (JSC::Parser::AutoPopScopeRef::AutoPopScopeRef):
2715         (JSC::Parser::AutoPopScopeRef::~AutoPopScopeRef):
2716         (JSC::Parser::AutoPopScopeRef::setPopped):
2717         (JSC::Parser::currentScope):
2718         (JSC::Parser::pushScope):
2719         (JSC::Parser::popScopeInternal):
2720         (JSC::Parser::popScope):
2721         (JSC::Parser::declareVariable):
2722         (JSC::Parser::declareWrite):
2723         (JSC::Parser::findCachedFunctionInfo):
2724         (JSC::Parser::isFunctionBodyNode):
2725         (JSC::Parser::next):
2726         (JSC::Parser::nextExpectIdentifier):
2727         (JSC::Parser::nextTokenIsColon):
2728         (JSC::Parser::consume):
2729         (JSC::Parser::getToken):
2730         (JSC::Parser::match):
2731         (JSC::Parser::tokenStart):
2732         (JSC::Parser::tokenLine):
2733         (JSC::Parser::tokenEnd):
2734         (JSC::Parser::getTokenName):
2735         (JSC::Parser::updateErrorMessageSpecialCase):
2736         (JSC::Parser::updateErrorMessage):
2737         (JSC::Parser::updateErrorWithNameAndMessage):
2738         (JSC::Parser::startLoop):
2739         (JSC::Parser::endLoop):
2740         (JSC::Parser::startSwitch):
2741         (JSC::Parser::endSwitch):
2742         (JSC::Parser::setStrictMode):
2743         (JSC::Parser::strictMode):
2744         (JSC::Parser::isValidStrictMode):
2745         (JSC::Parser::declareParameter):
2746         (JSC::Parser::breakIsValid):
2747         (JSC::Parser::continueIsValid):
2748         (JSC::Parser::pushLabel):
2749         (JSC::Parser::popLabel):
2750         (JSC::Parser::getLabel):
2751         (JSC::Parser::autoSemiColon):
2752         (JSC::Parser::canRecurse):
2753         (JSC::Parser::lastTokenEnd):
2754         (JSC::Parser::DepthManager::DepthManager):
2755         (JSC::Parser::DepthManager::~DepthManager):
2756         (JSC::Parser::parse):
2757         (JSC::parse):
2758         * parser/ParserTokens.h: Added.
2759         (JSC::JSTokenInfo::JSTokenInfo):
2760         * parser/SourceCode.h:
2761         (JSC::SourceCode::subExpression):
2762         * parser/SourceProviderCacheItem.h:
2763         * parser/SyntaxChecker.h:
2764         (JSC::SyntaxChecker::SyntaxChecker):
2765         (JSC::SyntaxChecker::makeFunctionCallNode):
2766         (JSC::SyntaxChecker::createCommaExpr):
2767         (JSC::SyntaxChecker::makeAssignNode):
2768         (JSC::SyntaxChecker::makePrefixNode):
2769         (JSC::SyntaxChecker::makePostfixNode):
2770         (JSC::SyntaxChecker::makeTypeOfNode):
2771         (JSC::SyntaxChecker::makeDeleteNode):
2772         (JSC::SyntaxChecker::makeNegateNode):
2773         (JSC::SyntaxChecker::makeBitwiseNotNode):
2774         (JSC::SyntaxChecker::createLogicalNot):
2775         (JSC::SyntaxChecker::createUnaryPlus):
2776         (JSC::SyntaxChecker::createVoid):
2777         (JSC::SyntaxChecker::thisExpr):
2778         (JSC::SyntaxChecker::createResolve):
2779         (JSC::SyntaxChecker::createObjectLiteral):
2780         (JSC::SyntaxChecker::createArray):
2781         (JSC::SyntaxChecker::createNumberExpr):
2782         (JSC::SyntaxChecker::createString):
2783         (JSC::SyntaxChecker::createBoolean):
2784         (JSC::SyntaxChecker::createNull):
2785         (JSC::SyntaxChecker::createBracketAccess):
2786         (JSC::SyntaxChecker::createDotAccess):
2787         (JSC::SyntaxChecker::createRegExp):
2788         (JSC::SyntaxChecker::createNewExpr):
2789         (JSC::SyntaxChecker::createConditionalExpr):
2790         (JSC::SyntaxChecker::createAssignResolve):
2791         (JSC::SyntaxChecker::createFunctionExpr):
2792         (JSC::SyntaxChecker::createFunctionBody):
2793         (JSC::SyntaxChecker::createArguments):
2794         (JSC::SyntaxChecker::createArgumentsList):
2795         (JSC::SyntaxChecker::createProperty):
2796         (JSC::SyntaxChecker::createPropertyList):
2797         (JSC::SyntaxChecker::createFuncDeclStatement):
2798         (JSC::SyntaxChecker::createBlockStatement):
2799         (JSC::SyntaxChecker::createExprStatement):
2800         (JSC::SyntaxChecker::createIfStatement):
2801         (JSC::SyntaxChecker::createForLoop):
2802         (JSC::SyntaxChecker::createForInLoop):
2803         (JSC::SyntaxChecker::createEmptyStatement):
2804         (JSC::SyntaxChecker::createVarStatement):
2805         (JSC::SyntaxChecker::createReturnStatement):
2806         (JSC::SyntaxChecker::createBreakStatement):
2807         (JSC::SyntaxChecker::createContinueStatement):
2808         (JSC::SyntaxChecker::createTryStatement):
2809         (JSC::SyntaxChecker::createSwitchStatement):
2810         (JSC::SyntaxChecker::createWhileStatement):
2811         (JSC::SyntaxChecker::createWithStatement):
2812         (JSC::SyntaxChecker::createDoWhileStatement):
2813         (JSC::SyntaxChecker::createLabelStatement):
2814         (JSC::SyntaxChecker::createThrowStatement):
2815         (JSC::SyntaxChecker::createDebugger):
2816         (JSC::SyntaxChecker::createConstStatement):
2817         (JSC::SyntaxChecker::appendConstDecl):
2818         (JSC::SyntaxChecker::createGetterOrSetterProperty):
2819         (JSC::SyntaxChecker::combineCommaNodes):
2820         (JSC::SyntaxChecker::operatorStackPop):
2821         * runtime/Executable.cpp:
2822         (JSC::EvalExecutable::compileInternal):
2823         (JSC::ProgramExecutable::checkSyntax):
2824         (JSC::ProgramExecutable::compileInternal):
2825         (JSC::FunctionExecutable::produceCodeBlockFor):
2826         (JSC::FunctionExecutable::fromGlobalCode):
2827         * runtime/JSGlobalData.cpp:
2828         (JSC::JSGlobalData::JSGlobalData):
2829         (JSC::JSGlobalData::~JSGlobalData):
2830         * runtime/JSGlobalData.h:
2831         * runtime/LiteralParser.cpp:
2832         (JSC::LiteralParser::tryJSONPParse):
2833
2834 2011-10-31  Filip Pizlo  <fpizlo@apple.com>
2835
2836         REGRESSION (r97118): Reproducible crash in JSCell::toPrimitive when adding
2837         https://bugs.webkit.org/show_bug.cgi?id=71227
2838
2839         Reviewed by Oliver Hunt.
2840         
2841         No new tests, since while I can see exactly where the DFG went wrong on the
2842         site in question from looking at the generated machine code, and while I can
2843         certainly believe that such a scenario would happen, I cannot visualize how
2844         to make it happen reproducibly. It requires an odd combination of double
2845         values getting spilled and then refilled, but then reboxed at just the right
2846         time so that the spilled value is an unboxed double while the in-register
2847         value is a boxed double.
2848
2849         * dfg/DFGJITCodeGenerator.h:
2850         (JSC::DFG::JITCodeGenerator::silentFillGPR):
2851
2852 2011-10-30  Filip Pizlo  <fpizlo@apple.com>
2853
2854         JSParser::parsePrimaryExpression should have an overflow check
2855         https://bugs.webkit.org/show_bug.cgi?id=71197
2856
2857         Reviewed by Geoff Garen.
2858
2859         * parser/JSParser.cpp:
2860         (JSC::JSParser::parsePrimaryExpression):
2861
2862 2011-10-30  Filip Pizlo  <fpizlo@apple.com>
2863
2864         DFG ValueAdd(string, int) should not fail speculation
2865         https://bugs.webkit.org/show_bug.cgi?id=71195
2866
2867         Reviewed by Geoff Garen.
2868         
2869         1% speed-up on V8.
2870
2871         * dfg/DFGNode.h:
2872         (JSC::DFG::Node::shouldNotSpeculateInteger):
2873         (JSC::DFG::Node::shouldSpeculateInteger):
2874
2875 2011-10-30  Filip Pizlo  <fpizlo@apple.com>
2876
2877         The DFG inliner should not flush the callee
2878         https://bugs.webkit.org/show_bug.cgi?id=71191
2879
2880         Reviewed by Oliver Hunt.
2881         
2882         0.6% speed-up on V8.
2883
2884         * bytecode/CodeBlock.cpp:
2885         (JSC::CodeBlock::visitAggregate):
2886         * bytecode/CodeOrigin.h:
2887         * dfg/DFGByteCodeParser.cpp:
2888         (JSC::DFG::ByteCodeParser::flush):
2889         (JSC::DFG::ByteCodeParser::handleInlining):
2890         (JSC::DFG::ByteCodeParser::parseBlock):
2891         (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
2892         (JSC::DFG::ByteCodeParser::parse):
2893         * dfg/DFGJITCompiler.cpp:
2894         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
2895         * dfg/DFGJITCompiler32_64.cpp:
2896         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
2897         * interpreter/CallFrame.cpp:
2898         (JSC::CallFrame::trueCallerFrameSlow):
2899
2900 2011-10-28  Mark Hahnenberg  <mhahnenberg@apple.com>
2901
2902         De-virtualize isGlobalObject, isVariableObject, isActivationObject, and isErrorInstance in JSObject
2903         https://bugs.webkit.org/show_bug.cgi?id=70968
2904
2905         Reviewed by Geoffrey Garen.
2906
2907         * API/JSCallbackObject.cpp: Added two specializations for createStructure that use different JSTypes in their
2908         TypeInfo.  Had to also create a specialization for JSNonFinalObject, even though JSGlobalObject was the only one that
2909         needed it, because Windows wouldn't build without it.
2910         (JSC::::createStructure):
2911         * API/JSCallbackObject.h:
2912         * JavaScriptCore.exp:
2913         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2914         * runtime/ErrorInstance.h: Removed virtual function and changed JSType provided to TypeInfo in createStructure. 
2915         (JSC::ErrorInstance::createStructure):
2916         * runtime/ErrorPrototype.h: Ditto
2917         (JSC::ErrorPrototype::createStructure):
2918         * runtime/JSActivation.h: Ditto
2919         (JSC::JSActivation::createStructure):
2920         * runtime/JSGlobalObject.h: Ditto
2921         (JSC::JSGlobalObject::createStructure):
2922         * runtime/JSObject.h: De-virtualized functions.  They now check the JSType of the object for the corresponding type.
2923         (JSC::JSObject::isGlobalObject):
2924         (JSC::JSObject::isVariableObject):
2925         (JSC::JSObject::isActivationObject):
2926         (JSC::JSObject::isErrorInstance):
2927         * runtime/JSType.h: Added new types for GlobalObject, VariableObject, ActivationObject, and ErrorInstance.
2928         * runtime/JSVariableObject.cpp: Removed virtual function.
2929         * runtime/JSVariableObject.h: Changed JSType provided to TypeInfo in createStructure.
2930         (JSC::JSVariableObject::createStructure):
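
The entry above replaces virtual isGlobalObject()/isVariableObject()/isActivationObject()/isErrorInstance() with a comparison against the JSType that each class's createStructure() stores in its Structure's TypeInfo. The following is an added example written for this page, not JavaScriptCore code: the class names echo the entry but the enum values, the TypeInfo/Structure layout and the rule that global objects and activations also count as variable objects are assumptions of the example. It also shows the check a caller should make before downcasting, because once the predicate is a tag comparison, a class that passes the wrong tag to createStructure() would turn a static_cast into a type confusion rather than a compile error.

```cpp
#include <cstddef>

// Hypothetical subset of the JSType tags the entry adds; numeric values assumed.
enum JSType { ObjectType = 1, ErrorInstanceType, GlobalObjectType, VariableObjectType, ActivationObjectType };

struct TypeInfo { JSType type; };
struct Structure { TypeInfo typeInfo; };

// Every object points at a Structure; the predicates read the tag from it.
class JSObject {
public:
    explicit JSObject(const Structure* s) : m_structure(s) {}
    JSType type() const { return m_structure->typeInfo.type; }

    // Non-virtual: one load and a compare, no vtable indirection, and no
    // subclass can forget to override.
    bool isErrorInstance() const { return type() == ErrorInstanceType; }
    bool isGlobalObject() const { return type() == GlobalObjectType; }
    bool isActivationObject() const { return type() == ActivationObjectType; }
    // Assumption: global objects and activations are variable objects too,
    // mirroring the class hierarchy, so all three tags are accepted.
    bool isVariableObject() const {
        return type() == VariableObjectType || type() == GlobalObjectType || type() == ActivationObjectType;
    }

protected:
    const Structure* m_structure;
};

// Each subclass's createStructure() supplies its own tag. The tag is the only
// thing the predicates trust, so getting it wrong here would let callers
// static_cast to the wrong class.
class JSVariableObject : public JSObject {
public:
    static Structure createStructure() { Structure s = { { VariableObjectType } }; return s; }
    explicit JSVariableObject(const Structure* s) : JSObject(s) {}
};
class JSGlobalObject : public JSVariableObject {
public:
    static Structure createStructure() { Structure s = { { GlobalObjectType } }; return s; }
    explicit JSGlobalObject(const Structure* s) : JSVariableObject(s) {}
    int globalSlot = 42;   // something only a real global object has
};
class ErrorInstance : public JSObject {
public:
    static Structure createStructure() { Structure s = { { ErrorInstanceType } }; return s; }
    explicit ErrorInstance(const Structure* s) : JSObject(s) {}
};

// Checked downcast built on the tag: null instead of a misinterpreted object.
JSGlobalObject* asGlobalObject(JSObject* o) {
    return (o && o->isGlobalObject()) ? static_cast<JSGlobalObject*>(o) : nullptr;
}

// Constructed demo: one Structure per class, one object each. Returns a bit
// mask of the checks that passed; 15 means every predicate agreed with the tags.
int demo() {
    Structure gs = JSGlobalObject::createStructure();
    Structure es = ErrorInstance::createStructure();
    JSGlobalObject global(&gs);
    ErrorInstance error(&es);
    int score = 0;
    if (global.isGlobalObject() && global.isVariableObject() && !global.isErrorInstance()) score |= 1;
    if (error.isErrorInstance() && !error.isVariableObject() && !error.isGlobalObject()) score |= 2;
    if (asGlobalObject(&error) == nullptr) score |= 4;
    if (asGlobalObject(&global) && asGlobalObject(&global)->globalSlot == 42) score |= 8;
    return score;
}
```

The cost of this design is that correctness moves from the type system to a convention: every createStructure() in the hierarchy must pass the tag that matches the class, which is exactly the kind of invariant worth a static assertion or a debug check in the constructor.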
2931
2932 2011-10-28  Pavel Feldman  <pfeldman@google.com>
2933
2934         Reset line numbers for scripts generated with document.write.
2935         https://bugs.webkit.org/show_bug.cgi?id=71099
2936
2937         Reviewed by Yury Semikhatsky.
2938
2939         * wtf/text/TextPosition.h:
2940         (WTF::OrdinalNumber::OrdinalNumber):
2941
2942 2011-10-27  Daniel Bates  <dbates@rim.com>
2943
2944         CMake: Add support to optionally install the built JavaScript shell
2945         https://bugs.webkit.org/show_bug.cgi?id=71062
2946
2947         Reviewed by Antonio Gomes.
2948
2949         Generate an installation rule for installing the JavaScript shell in
2950         /bin (with respect to the prefix path) when SHOULD_INSTALL_JS_SHELL
2951         is defined.
2952
2953         * shell/CMakeLists.txt:
2954
2955 2011-10-27  Kentaro Hara  <haraken@chromium.org>
2956
2957         Generate WebKitCSSMatrix constructor for JSC by [Constructor] IDL
2958         https://bugs.webkit.org/show_bug.cgi?id=70215
2959
2960         Reviewed by Adam Barth.
2961
2962         Added a method that judges if a given JSValue is empty.
2963
2964         Tests: transforms/svg-vs-css.xhtml
2965                transforms/cssmatrix-2d-interface.xhtml
2966                transforms/cssmatrix-3d-interface.xhtml
2967
2968         * runtime/JSValue.h:
2969         * runtime/JSValueInlineMethods.h:
2970         (JSC::JSValue::isEmpty):
2971
2972 2011-10-27  Michael Saboff  <msaboff@apple.com>
2973
2974         ENH: Add 8 bit string support to JSC JIT
2975         https://bugs.webkit.org/show_bug.cgi?id=71073
2976
2977         Changed the JIT String character access generation to create code
        to check the character size and load8() or load16() as appropriate.
2979
2980         Reviewed by Gavin Barraclough.
2981
2982         * assembler/MacroAssemblerX86Common.h:
2983         (JSC::MacroAssemblerX86Common::load8):
2984         * assembler/X86Assembler.h:
2985         (JSC::X86Assembler::movzbl_mr):
2986         * dfg/DFGSpeculativeJIT.cpp:
2987         (JSC::DFG::SpeculativeJIT::compileGetCharCodeAt):
2988         (JSC::DFG::SpeculativeJIT::compileGetByValOnString):
2989         * jit/JITInlineMethods.h:
2990         (JSC::JIT::emitLoadCharacterString):
2991         * jit/JITPropertyAccess.cpp:
2992         (JSC::JIT::stringGetByValStubGenerator):
2993         * jit/JITPropertyAccess32_64.cpp:
2994         (JSC::JIT::stringGetByValStubGenerator):
2995         * jit/JSInterfaceJIT.h:
2996         (JSC::ThunkHelpers::stringImplFlagsOffset):
2997         (JSC::ThunkHelpers::stringImpl8BitFlag):
2998         * jit/ThunkGenerators.cpp:
2999         (JSC::stringCharLoad):
3000
3001 2011-10-27  Filip Pizlo  <fpizlo@apple.com>
3002
3003         If the bytecode generator emits code after the return in the first basic block,
3004         DFG's inliner crashes
3005         https://bugs.webkit.org/show_bug.cgi?id=71071
3006
3007         Reviewed by Gavin Barraclough.
3008         
3009         Removed some cruft dealing with parsing failures due to unsupported functionality
3010         (that's never reached anymore due to it being caught in DFGCapabilities). This
3011         allowed me to repurpose the bool return from parseBlock() to mean: true if we
3012         should continue to parse, or false if we've already parsed all live code.
3013
3014         * dfg/DFGByteCodeParser.cpp:
3015         (JSC::DFG::ByteCodeParser::ByteCodeParser):
3016         (JSC::DFG::ByteCodeParser::parseBlock):
3017         (JSC::DFG::ByteCodeParser::parseCodeBlock):
3018
3019 2011-10-27  Joseph Pecoraro  <pecoraro@apple.com>
3020
3021         Reviewed by David Kilzer.
3022
3023         Make FeatureDefines Identical Across OS X Projects
3024         https://bugs.webkit.org/show_bug.cgi?id=71051
3025
3026         * Configurations/FeatureDefines.xcconfig:
3027
3028 2011-10-27  Filip Pizlo  <fpizlo@apple.com>
3029
3030         Crash in JSC::Structure::materializePropertyMap when viewing Garden-O-Matic
3031         https://bugs.webkit.org/show_bug.cgi?id=71045
3032
3033         Reviewed by Geoff Garen.
3034         
3035         Make sure that if a structure is pinned, it also has a property map.
3036
3037         * runtime/Structure.cpp:
3038         (JSC::Structure::changePrototypeTransition):
3039         (JSC::Structure::despecifyFunctionTransition):
3040         (JSC::Structure::getterSetterTransition):
3041         (JSC::Structure::toDictionaryTransition):
3042         (JSC::Structure::preventExtensionsTransition):
3043         (JSC::Structure::addPropertyWithoutTransition):
3044         (JSC::Structure::removePropertyWithoutTransition):
3045         (JSC::Structure::pin):
3046         (JSC::Structure::copyPropertyTableForPinning):
3047         * runtime/Structure.h:
3048         (JSC::Structure::materializePropertyMapIfNecessaryForPinning):
3049
3050 2011-10-27  Michael Saboff  <msaboff@apple.com>
3051
3052         32bit build failure after r98624
3053         https://bugs.webkit.org/show_bug.cgi?id=71064
3054
3055         Disambiguated operator overload with unsigned index (0u).
3056
3057         Reviewed by Sam Weinig.
3058
3059         * runtime/UString.h:
3060         (JSC::operator==):
3061
3062 2011-10-27  Gustavo Noronha Silva  <gns@gnome.org>
3063
3064         Fix building on GNU/kFreeBSD
3065         https://bugs.webkit.org/show_bug.cgi?id=71005
3066
3067         Reviewed by Darin Adler.
3068
3069         * config.h:
3070         * wtf/Platform.h:
3071
3072 2011-10-27  Michael Saboff  <msaboff@apple.com>
3073
3074         Investigate storing strings in 8-bit buffers when possible
3075         https://bugs.webkit.org/show_bug.cgi?id=66161
3076
3080         Added support for 8 bit string data in StringImpl.  Changed
3081         (UChar*) m_data to m_data16.  Added char* m_data8 as a union
3082         with m_data16.  Added UChar* m_copyData16 to the other union
3083         to store a 16 bit copy of an 8 bit string when needed.
3084         Added characters8() and characters16() accessor methods
3085         that assume the caller has checked the underlying string type
3086         via the new is8Bit() method. The characters() method will
3087         return a UChar* of the string, materializing a 16 bit copy if the
3088         string is an 8 bit string.  Added two flags, one for 8 bit buffer
3089         and a second for a 16 bit copy for an 8 bit string.
3090
3091         Fixed method name typo (StringHasher::defaultCoverter()).
3092
3093         Over time the goal is to eliminate calls to characters() and
        use the characters8() and characters16() accessors.
3095
3096         This patch does not include changes that actually create 8 bit
3097         strings. This is the first of at least 8 patches.  Subsequent
3098         patches will be submitted for JIT changes, making the JSC lexer,
3099         parser and literal parser, JavaScript string changes and
3100         then changes in webcore to take advantage of the 8 bit strings.
3101
3102         This change is performance neutral for SunSpider and V8 when
3103         run from the command line with "jsc".
3104
3105         Reviewed by Geoffrey Garen.
3106
3107         * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3109         * interpreter/Interpreter.cpp:
3110         (JSC::Interpreter::callEval):
3111         * parser/SourceProvider.h:
3112         (JSC::UStringSourceProvider::data):
3113         (JSC::UStringSourceProvider::UStringSourceProvider):
3114         * runtime/Identifier.cpp:
3115         (JSC::IdentifierCStringTranslator::hash):
3116         (JSC::IdentifierCStringTranslator::equal):
3117         (JSC::IdentifierCStringTranslator::translate):
3118         (JSC::Identifier::add):
3119         (JSC::Identifier::toUInt32):
3120         * runtime/Identifier.h:
3121         (JSC::Identifier::equal):
3122         (JSC::operator==):
3123         (JSC::operator!=):
3124         * runtime/JSString.cpp:
3125         (JSC::JSString::resolveRope):
3126         (JSC::JSString::resolveRopeSlowCase):
3127         * runtime/RegExp.cpp:
3128         (JSC::RegExp::match):
3129         * runtime/StringPrototype.cpp:
3130         (JSC::jsSpliceSubstringsWithSeparators):
3131         * runtime/UString.cpp:
3132         (JSC::UString::UString):
3133         (JSC::equalSlowCase):
3134         (JSC::UString::utf8):
3135         * runtime/UString.h:
3136         (JSC::UString::characters):
3137         (JSC::UString::characters8):
3138         (JSC::UString::characters16):
3139         (JSC::UString::is8Bit):
3140         (JSC::UString::operator[]):
3141         (JSC::UString::find):
3142         (JSC::operator==):
3143         * wtf/StringHasher.h:
3144         (WTF::StringHasher::computeHash):
3145         (WTF::StringHasher::defaultConverter):
3146         * wtf/text/AtomicString.cpp:
3147         (WTF::CStringTranslator::hash):
3148         (WTF::CStringTranslator::equal):
3149         (WTF::CStringTranslator::translate):
3150         (WTF::AtomicString::add):
3151         * wtf/text/AtomicString.h:
3152         (WTF::AtomicString::AtomicString):
3153         (WTF::AtomicString::contains):
3154         (WTF::AtomicString::find):
3155         (WTF::AtomicString::add):
3156         (WTF::operator==):
3157         (WTF::operator!=):
3158         (WTF::equalIgnoringCase):
3159         * wtf/text/StringConcatenate.h:
3160         * wtf/text/StringHash.h:
3161         (WTF::StringHash::equal):
3162         (WTF::CaseFoldingHash::hash):
3163         * wtf/text/StringImpl.cpp:
3164         (WTF::StringImpl::~StringImpl):
3165         (WTF::StringImpl::createUninitialized):
3166         (WTF::StringImpl::create):
3167         (WTF::StringImpl::getData16SlowCase):
3168         (WTF::StringImpl::containsOnlyWhitespace):
3169         (WTF::StringImpl::substring):
3170         (WTF::StringImpl::characterStartingAt):
3171         (WTF::StringImpl::lower):
3172         (WTF::StringImpl::upper):
3173         (WTF::StringImpl::fill):
3174         (WTF::StringImpl::foldCase):
3175         (WTF::StringImpl::stripMatchedCharacters):
3176         (WTF::StringImpl::removeCharacters):
3177         (WTF::StringImpl::simplifyMatchedCharactersToSpace):
3178         (WTF::StringImpl::toIntStrict):
3179         (WTF::StringImpl::toUIntStrict):
3180         (WTF::StringImpl::toInt64Strict):
3181         (WTF::StringImpl::toUInt64Strict):
3182         (WTF::StringImpl::toIntPtrStrict):
3183         (WTF::StringImpl::toInt):
3184         (WTF::StringImpl::toUInt):
3185         (WTF::StringImpl::toInt64):
3186         (WTF::StringImpl::toUInt64):
3187         (WTF::StringImpl::toIntPtr):
3188         (WTF::StringImpl::toDouble):
3189         (WTF::StringImpl::toFloat):
3190         (WTF::equal):
3191         (WTF::equalIgnoringCase):
3192         (WTF::StringImpl::find):
3193         (WTF::StringImpl::findIgnoringCase):
3194         (WTF::StringImpl::reverseFind):
3195         (WTF::StringImpl::replace):
3196         (WTF::StringImpl::defaultWritingDirection):
3197         (WTF::StringImpl::adopt):
3198         (WTF::StringImpl::createWithTerminatingNullCharacter):
3199         * wtf/text/StringImpl.h:
3200         (WTF::StringImpl::StringImpl):
3201         (WTF::StringImpl::create):
3202         (WTF::StringImpl::create8):
3203         (WTF::StringImpl::tryCreateUninitialized):
3204         (WTF::StringImpl::flagsOffset):
3205         (WTF::StringImpl::flagIs8Bit):
3206         (WTF::StringImpl::dataOffset):
3207         (WTF::StringImpl::is8Bit):
3208         (WTF::StringImpl::characters8):
3209         (WTF::StringImpl::characters16):
3210         (WTF::StringImpl::characters):
3211         (WTF::StringImpl::has16BitShadow):
3212         (WTF::StringImpl::setHash):
3213         (WTF::StringImpl::hash):
3214         (WTF::StringImpl::copyChars):
3215         (WTF::StringImpl::operator[]):
3216         (WTF::StringImpl::find):
3217         (WTF::StringImpl::findIgnoringCase):
3218         (WTF::equal):
3219         (WTF::equalIgnoringCase):
3220         (WTF::StringImpl::isolatedCopy):
3221         * wtf/text/WTFString.cpp:
3222         (WTF::String::String):
3223         (WTF::String::append):
3224         (WTF::String::format):
3225         (WTF::String::fromUTF8):
3226         (WTF::String::fromUTF8WithLatin1Fallback):
3227         * wtf/text/WTFString.h:
3228         (WTF::String::find):
3229         (WTF::String::findIgnoringCase):
3230         (WTF::String::contains):
3231         (WTF::String::append):
3232         (WTF::String::fromUTF8):
3233         (WTF::String::fromUTF8WithLatin1Fallback):
3234         (WTF::operator==):
3235         (WTF::operator!=):
3236         (WTF::equalIgnoringCase):
3237         * wtf/unicode/Unicode.h:
3238         * yarr/YarrJIT.cpp:
3239         (JSC::Yarr::execute):
3240         * yarr/YarrJIT.h:
3241         (JSC::Yarr::YarrCodeBlock::execute):
3242         * yarr/YarrParser.h:
3243         (JSC::Yarr::Parser::Parser):
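
The entry above describes the data-structure change (an 8-bit buffer or a 16-bit buffer selected by an is8Bit() flag, typed characters8()/characters16() accessors, and a legacy characters() that materializes a 16-bit copy), and the earlier entry for bug 71073 describes the JIT side of it (check the size flag, then load8() or load16()). The following is an added example written for this page, not WebKit's StringImpl: the class DualString and its helpers are hypothetical, the union in the real change is replaced by two vectors for clarity, and the sample strings are constructed inline. The one thing it adds to the entry is the check that the typed accessors refuse the wrong representation, since reading an 8-bit buffer through a UChar* reads past its end.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>

typedef char LChar;       // 8-bit code unit (Latin-1), the role of char* m_data8
typedef uint16_t UChar;   // 16-bit code unit, the role of UChar* m_data16

class DualString {
public:
    // Latin-1 input is stored once, one byte per character.
    static DualString fromLatin1(const std::string& s) {
        DualString d;
        d.m_is8Bit = true;
        d.m_length = s.size();
        d.m_data8.assign(s.begin(), s.end());
        return d;
    }
    // UTF-16 input is narrowed to 8 bits when every code unit fits; otherwise it
    // stays 16-bit. This decision is what makes the space saving possible.
    static DualString fromUTF16(const std::vector<UChar>& units) {
        DualString d;
        d.m_length = units.size();
        d.m_is8Bit = true;
        for (size_t i = 0; i < units.size(); ++i)
            if (units[i] > 0xFF) { d.m_is8Bit = false; break; }
        if (d.m_is8Bit)
            for (size_t i = 0; i < units.size(); ++i) d.m_data8.push_back(static_cast<LChar>(units[i]));
        else
            d.m_data16 = units;
        return d;
    }

    size_t length() const { return m_length; }
    bool is8Bit() const { return m_is8Bit; }
    bool has16BitShadow() const { return m_has16BitShadow; }

    // Typed accessors. The entry says callers must check is8Bit() first; this
    // example refuses the wrong one instead of trusting the caller.
    const LChar* characters8() const {
        if (!m_is8Bit) throw std::logic_error("characters8() on a 16-bit string");
        return m_data8.data();
    }
    const UChar* characters16() const {
        if (m_is8Bit) throw std::logic_error("characters16() on an 8-bit string");
        return m_data16.data();
    }
    // Legacy characters(): always UChar*, materializing a cached 16-bit copy of
    // an 8-bit string on first use (the second flag the entry mentions).
    const UChar* characters() const {
        if (!m_is8Bit) return m_data16.data();
        if (!m_has16BitShadow) {
            m_shadow16.resize(m_length);
            for (size_t i = 0; i < m_length; ++i) m_shadow16[i] = unit8(i);
            m_has16BitShadow = true;
        }
        return m_shadow16.data();
    }
    // The "check the flag, then load8 or load16" sequence the JIT emits, in C++.
    UChar operator[](size_t i) const {
        if (i >= m_length) throw std::out_of_range("character index");
        return m_is8Bit ? unit8(i) : m_data16[i];
    }
    // Bytes spent on character data, including any materialized shadow.
    size_t characterBytes() const {
        if (!m_is8Bit) return m_length * 2;
        return m_length + (m_has16BitShadow ? m_length * 2 : 0);
    }

private:
    UChar unit8(size_t i) const { return static_cast<unsigned char>(m_data8[i]); }

    size_t m_length = 0;
    bool m_is8Bit = false;
    std::vector<LChar> m_data8;     // the real StringImpl unions these two;
    std::vector<UChar> m_data16;    // kept separate here for clarity
    mutable bool m_has16BitShadow = false;
    mutable std::vector<UChar> m_shadow16;
};

// Equality across representations without materializing a shadow.
bool equal(const DualString& a, const DualString& b) {
    if (a.length() != b.length()) return false;
    for (size_t i = 0; i < a.length(); ++i)
        if (a[i] != b[i]) return false;
    return true;
}
```

Note what characterBytes() shows: a single call to the legacy characters() on an 8-bit string costs three times the memory of the 8-bit buffer alone, which is why the entry's stated goal is to migrate callers to the typed accessors.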
3244
3245 2011-10-27  Mark Hahnenberg  <mhahnenberg@apple.com>
3246
3247         Fixing windows build
3248
3249         Unreviewed build fix
3250
3251         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3252
3253 2011-10-27  Mark Hahnenberg  <mhahnenberg@apple.com>
3254
3255         Add ability to check for presence of static members at compile time
3256         https://bugs.webkit.org/show_bug.cgi?id=70986
3257
3258         Reviewed by Geoffrey Garen.
3259
3260         Added new CREATE_MEMBER_CHECKER macro to instantiate the template and the 
3261         HAS_MEMBER_NAMED macro to use that template to check if the specified class 
3262         does indeed have a method with that name.  This mechanism is not currently 
3263         used anywhere, but will be in the future when adding virtual methods from 
3264         JSObject to the MethodTable.
3265
3266         * runtime/ClassInfo.h:
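
The entry above describes a pair of macros, CREATE_MEMBER_CHECKER and HAS_MEMBER_NAMED, that test at compile time whether a class has a member of a given name, intended for use when JSObject's virtual methods move into the MethodTable. The following is an added example written for this page, not the ClassInfo.h code: the macro bodies, the Fake* classes and the MethodTable record are this example's own (the real macros may differ in spelling and mechanism). It shows the SFINAE trick the check rests on and one caveat a user of it should know: &T::name also finds inherited members, so the check answers "is there such a member reachable from T", not "does T declare it itself".

```cpp
// CREATE_MEMBER_CHECKER(name) defines a trait HasMember_name<T>;
// HAS_MEMBER_NAMED(T, name) reads its value. The first overload of test() is
// only viable when &U::name is well-formed; otherwise substitution fails
// silently and the variadic overload is picked.
#define CREATE_MEMBER_CHECKER(name)                                     \
    template <typename T>                                               \
    struct HasMember_##name {                                           \
        typedef char yes[1];                                            \
        typedef char no[2];                                             \
        template <typename U> static yes& test(decltype(&U::name));     \
        template <typename U> static no& test(...);                     \
        static const bool value = sizeof(test<T>(0)) == sizeof(yes);    \
    }

#define HAS_MEMBER_NAMED(klass, name) (HasMember_##name<klass>::value)

CREATE_MEMBER_CHECKER(toThisObject);
CREATE_MEMBER_CHECKER(put);

// Hypothetical stand-ins for a JSCell/JSObject-style hierarchy with static
// methods, the shape the MethodTable conversion produces.
struct FakeCell {
    static int toThisObject(int v) { return v; }
};
struct FakeObject : FakeCell {
    static int put(int v) { return v + 1; }
};
struct FakeString : FakeCell {
    // no put()
};

// A MethodTable-style record. Building it for a class without put() fails
// to compile instead of silently binding the base class version.
struct MethodTable {
    int (*toThisObject)(int);
    int (*put)(int);
};
template <typename T>
MethodTable makeMethodTable() {
    static_assert(HAS_MEMBER_NAMED(T, toThisObject), "class must expose toThisObject()");
    static_assert(HAS_MEMBER_NAMED(T, put), "class must expose put()");
    MethodTable t = { &T::toThisObject, &T::put };
    return t;
}

// Named results so the checks can be exercised from outside.
bool fakeObjectHasPut() { return HAS_MEMBER_NAMED(FakeObject, put); }
bool fakeStringHasPut() { return HAS_MEMBER_NAMED(FakeString, put); }
// True: toThisObject is inherited from FakeCell, and the trait counts that.
bool fakeStringHasToThisObject() { return HAS_MEMBER_NAMED(FakeString, toThisObject); }
```

Because the trait takes the address of the member, it also reports false for an overloaded member (the address is ambiguous, which is a substitution failure), so a class that overloads the method it is being checked for will look as if it lacks it.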
3267
3268 2011-10-27  Mark Hahnenberg  <mhahnenberg@apple.com>
3269
3270         De-virtualize JSCell::toThisObject
3271         https://bugs.webkit.org/show_bug.cgi?id=70958
3272
3273         Reviewed by Geoffrey Garen.
3274
3275         Converted all instances of toThisObject to static functions, 
3276         added toThisObject to the MethodTable, and replaced all call sites
3277         with a corresponding lookup in the MethodTable.
3278
3279         * API/JSContextRef.cpp:
3280         * JavaScriptCore.exp:
3281         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3282         * runtime/ClassInfo.h:
3283         * runtime/JSActivation.cpp:
3284         (JSC::JSActivation::toThisObject):
3285         * runtime/JSActivation.h:
3286         * runtime/JSCell.cpp:
3287         (JSC::JSCell::toThisObject):
3288         * runtime/JSCell.h:
3289         * runtime/JSObject.cpp:
3290         (JSC::JSObject::put):
3291         (JSC::JSObject::toThisObject):
3292         * runtime/JSObject.h:
3293         (JSC::JSValue::toThisObject):
3294         * runtime/JSStaticScopeObject.cpp:
3295         (JSC::JSStaticScopeObject::toThisObject):
3296         * runtime/JSStaticScopeObject.h:
3297         * runtime/JSString.cpp:
3298         (JSC::JSString::toThisObject):
3299         * runtime/JSString.h:
3300         * runtime/StrictEvalActivation.cpp:
3301         (JSC::StrictEvalActivation::toThisObject):
3302         * runtime/StrictEvalActivation.h:
3303
3304 2011-10-27  Yuqiang Xian  <yuqiang.xian@intel.com>
3305
3306         Fix a small bug in callOperation after r98431
3307         https://bugs.webkit.org/show_bug.cgi?id=70984
3308
3309         Reviewed by Geoffrey Garen.
3310
3311         TrustedImmPtr is not expecting "int" type parameters.
3312
3313         * dfg/DFGJITCodeGenerator.h:
3314         (JSC::DFG::callOperation):
3315
3316 2011-10-26  Oliver Hunt  <oliver@apple.com>
3317
3318         Restore structure-clearing behaviour of allocateCell<>
3319         https://bugs.webkit.org/show_bug.cgi?id=70976
3320
3321         Reviewed by Geoffrey Garen.
3322
3323         This restores the logic that allows the markstack to filter
3324         live objects that have not yet been initialised.
3325
3326         * runtime/JSCell.h:
3327         (JSC::JSCell::clearStructure):
3328            Validation-safe method to clear a cell's structure.
3329         (JSC::allocateCell):
3330            Call the above method.
3331         * runtime/Structure.h:
3332         (JSC::MarkStack::internalAppend):
3333            Don't visit cells that haven't been initialised.
3334
3335 2011-10-26  Filip Pizlo  <fpizlo@apple.com>
3336
3337         REGRESSION (r97030): Cannot log in to progressive.com
3338         https://bugs.webkit.org/show_bug.cgi?id=70094
3339
3340         Reviewed by Oliver Hunt.
3341
3342         * dfg/DFGByteCodeParser.cpp:
3343         (JSC::DFG::ByteCodeParser::handleCall):
3344
3345 2011-10-26  Mark Hahnenberg  <mhahnenberg@apple.com>
3346
3347         Remove getOwnPropertySlotVirtual
3348         https://bugs.webkit.org/show_bug.cgi?id=70741
3349
3350         Reviewed by Geoffrey Garen.
3351
3352         Removed all declarations and definitions of getOwnPropertySlotVirtual.
        Also replaced all call sites to getOwnPropertySlotVirtual with a 
3354         corresponding lookup in the MethodTable.
3355
3356         * API/JSCallbackObject.h:
3357         * API/JSCallbackObjectFunctions.h:
3358         (JSC::::getOwnPropertyDescriptor):
3359         * JavaScriptCore.exp:
3360         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3361         * debugger/DebuggerActivation.cpp:
3362         (JSC::DebuggerActivation::getOwnPropertySlot):
3363         * debugger/DebuggerActivation.h:
3364         * runtime/Arguments.cpp:
3365         * runtime/Arguments.h:
3366         * runtime/ArrayConstructor.cpp:
3367         * runtime/ArrayConstructor.h:
3368         * runtime/ArrayPrototype.cpp:
3369         * runtime/ArrayPrototype.h:
3370         * runtime/BooleanPrototype.cpp:
3371         * runtime/BooleanPrototype.h:
3372         * runtime/DateConstructor.cpp:
3373         * runtime/DateConstructor.h:
3374         * runtime/DatePrototype.cpp:
3375         * runtime/DatePrototype.h:
3376         (JSC::DatePrototype::create):
3377         * runtime/ErrorPrototype.cpp:
3378         * runtime/ErrorPrototype.h:
3379         * runtime/JSActivation.cpp:
3380         * runtime/JSActivation.h:
3381         * runtime/JSArray.cpp:
3382         (JSC::JSArray::getOwnPropertySlotByIndex):
3383         * runtime/JSArray.h:
3384         * runtime/JSByteArray.cpp:
3385         * runtime/JSByteArray.h:
3386         * runtime/JSCell.cpp:
3387         * runtime/JSCell.h:
3388         * runtime/JSFunction.cpp:
3389         (JSC::JSFunction::getOwnPropertyDescriptor):
3390         (JSC::JSFunction::getOwnPropertyNames):
3391         (JSC::JSFunction::put):
3392         * runtime/JSFunction.h:
3393         * runtime/JSGlobalObject.cpp:
3394         * runtime/JSGlobalObject.h:
3395         * runtime/JSNotAnObject.cpp:
3396         * runtime/JSNotAnObject.h:
3397         * runtime/JSONObject.cpp:
3398         (JSC::Stringifier::Holder::appendNextProperty):
3399         (JSC::Walker::walk):
3400         * runtime/JSONObject.h:
3401         * runtime/JSObject.cpp:
3402         (JSC::JSObject::getOwnPropertySlotByIndex):
3403         (JSC::JSObject::hasOwnProperty):
3404         * runtime/JSObject.h:
3405         (JSC::JSCell::fastGetOwnPropertySlot):
3406         (JSC::JSObject::getPropertySlot):
3407         (JSC::JSValue::get):
3408         * runtime/JSStaticScopeObject.cpp:
3409         * runtime/JSStaticScopeObject.h:
3410         * runtime/JSString.cpp:
3411         (JSC::JSString::getOwnPropertySlot):
3412         * runtime/JSString.h:
3413         * runtime/MathObject.cpp:
3414         * runtime/MathObject.h:
3415         (JSC::MathObject::create):
3416         * runtime/NumberConstructor.cpp:
3417         * runtime/NumberConstructor.h:
3418         * runtime/NumberPrototype.cpp:
3419         * runtime/NumberPrototype.h:
3420         * runtime/ObjectConstructor.cpp:
3421         * runtime/ObjectConstructor.h:
3422         * runtime/ObjectPrototype.cpp:
3423         * runtime/ObjectPrototype.h:
3424         * runtime/RegExpConstructor.cpp:
3425         * runtime/RegExpConstructor.h:
3426         * runtime/RegExpMatchesArray.h:
3427         (JSC::RegExpMatchesArray::createStructure):
3428         * runtime/RegExpObject.cpp:
3429         * runtime/RegExpObject.h:
3430         * runtime/RegExpPrototype.cpp:
3431         * runtime/RegExpPrototype.h:
3432         * runtime/StringConstructor.cpp:
3433         * runtime/StringConstructor.h:
3434         * runtime/StringObject.cpp:
3435         * runtime/StringObject.h:
3436         * runtime/StringPrototype.cpp:
3437         * runtime/StringPrototype.h:
3438
3439 2011-10-26  Alejandro G. Castro  <alex@igalia.com>
3440
3441         [GTK] [WK2] Add WebKit2 distcheck support
3442         https://bugs.webkit.org/show_bug.cgi?id=70933
3443
3444         Reviewed by Martin Robinson.
3445
3446         * GNUmakefile.list.am: Add MemoryStatistics.h to the sources list.
3447
3448 2011-10-26  Michael Saboff  <msaboff@apple.com>
3449
3450         Increase StringImpl Flag Bits for 8 bit Strings
3451         https://bugs.webkit.org/show_bug.cgi?id=70937
3452